Solved: Internet slow on SSID passing through anchor - Page 2

sreelalggbm · ‎10-07-2012

Hai,

I have a wireless network with following structure.

2 WLCs for corporate

2 WLCs for Guest which is on DMZ zone.

EOIP is configured between CORP WLC to guest WLC and everything is working fine.

We have 1 corporate SSID for Inside users and trusted users.

1 for Guest users, customers and untrusted users which is passing through EOIP tunnel.

Now we ave noticed that internet speed is very slow for guest users. But from corporate its very fast and both of them are using the same internet connection.

I have done the following test.

Connected my PC to DMZ switch and tested the internet speed from guest vlan .It was very fast .But when it is on wireless, speeds is very slow.

Do we need to do something on the WLC config for solve this issue?

Thanks

Sreelal

George Stefanick · ‎10-08-2012

Right, but what model APs do you have to get 50 mb down ? You have to be using 802.11n for that speed. And if thats the case is your guest SSID locked to only 802.11g ?

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

sreelalggbm · ‎10-08-2012

I am using same laptop for both ssid

WLAN Radio Policy is activated with all radio 802/11 a/b/g/n.

corporate and guest having the same radio settings

Yahya Jaber · ‎10-08-2012

You are having 50Meg download speed on wireless? what is the AP model that provids you with that?

try to test the iperf on both the corporate and the guest now..and compare the results.

sreelalggbm · ‎10-08-2012

I am using AP 1252 and AP 3500

George Stefanick · ‎10-08-2012

Are you using bandwidth limiting on the SSID ? What is your QoS set to on both SSIDs?

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

sreelalggbm · ‎10-08-2012

I didnot configure any rate limit features.SSID qos setting is configured as SILVER

thanks

awatson20 · ‎11-08-2012

I have the exact same problem that you describe in this post. I can go through wired guest across same infrastructure and speeds are excellent. I can go across same wireless devices and speed is great, but going across the EoIP Tunnel to the anchor, and speeds/latency is terrible. Was this a duplex mismatch issue that you corrected to resolve? I am verifying, but do not think we have a half duplex issue.

fredrikcarlen · ‎02-04-2013

Did you manage to find the cause? Issue solved?

g-hopkinson · ‎05-10-2013

We are using wired guest access and have the same issue, poor perfomance when accessing the internet. This is very noticeable when using Citrix, which eventually stops repsonding, wireshark shows tcp zerowindow packets from client. Wireless guest access is fine through same WLCs. We have placed the client on DMZ switch and all is fine bypassing WLC topology. The wired topology looks fine in terms of Qos etc, although I notice some miss-configuration of speed/duplex between WLCs and switches, no errors shown. We are also using 4400 controllers.

Cheers.

awatson20 · ‎05-10-2013

Our issue was the Firewall we were using for the Guest Network. It had to do with the EoIP tunnels going through the firewall and the NAT table getting too large.

Abhishek Abhishek · ‎05-12-2013

Hello Sreelal,

As per your query i can suggest you the following solution-

I think that the wireless speed is very slow because of the half-duplex feature of wireless.It can either send or recieve a packet at a time but cannot do both send/recieve simultaneously at the same time.

Hope this will help.

cieftelecom · ‎10-01-2013

Hi sreelalggbm,

Finally did you find the source of your problem ? We have the same performance problem and there is nothing to do with

half-duplex. We have determined that guest's PC's with MTU set below than 1432 are working fine. With bigger MTU's settings, ( > 1432 and < 1500 ) we are clearly experiencing slow responses with loss of packets on the client side.

We have 2 WLC4402 as guest and 2 WiSM2 and 2 WiSM as corporate WLC.

Any idea ?

Regards

fredrikcarlen · ‎10-01-2013

There is probably an MTU-issue somewhere. You can make a test by reducing the TCP MSS for an AP in the WLC and connect to that AP. If this also works better you might have a look in your network if you maybe can adjust the TCP MSS in the router or find the root cause.

Good read on PMTUD http://type3code1.blogspot.se/2011/08/problem-with-pmtud.html

cieftelecom · ‎10-02-2013

Hi Fredrick, thanks for your response. We've configured tcp-adjust-mss at 1363 byte value and our performance problem

don't exist anymore.

Preventing Fragmentation

Unfortunately, there is no method to prevent LWAPP fragmentation in the controller or access points until code version 6.0 with the CAPWAP protocol.

To avoid fragmentation of client packets enable TCP Maximum Segment Size (MSS) control on the controller and lightweight access points in code versions 6.0 and later.

This feature allows connected CAPWAP access points to re-write client TCP SYN packets with the configured maximum segment size to optimize large data transfers and prevent fragmentation when CAPWAP encapsulated. The valid range is from 536 to 1363 bytes, and it is recommended to use a 1363 byte value.

Configure it from the CLI using this command:

config ap tcp-adjust-mss { enable | disable } { all | ap-name } tcp_mss_value