Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: Slow Lan-- What will be the reason?

  1. #1

    Slow Lan-- What will be the reason?

    Hi guys,

    I am having a Gigabit LAN setup with a Cisco Router for connecting to Internet via Leased line & PIX firewall for protection. Having foure L2 switch (Cisco 2950) connected in ring type network (structure cabling with RJ 45 ). Spanning Tree has been enabled at every cisco switch. We are using D-link 1024R unmanaged switch for connecting PCs of end user. We have total 600 PCs connected in network. No VLAN has been created due to unmanaged swtch hasn't got vlan facility. Main purpose of our network in data sharing between Intrane rather than Internet.

    But from las 1-2 months our LAN becom slow.

    what will be the reason behind it ? how can I check the available bandwith & used bandwith of our network? will it be any virus problem?

    Shall I use Layer3 switch to connect all four L2 switches?

    ..Viruss


    Thanks in advance
    Be Cool ..


  2. #2
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    chances are you have a bunch of infected machines blasting your network and eating up the bandwidth. I would use a decent network monitoring tool (solarwinds is awesome, but expensive, Netowrk Sniffer is also very good) and watch the traffic levels on the routers. Also check your firewall logs and look for fishy traffic. make sure the computers are patched (yea this is a pain for that many computer, but necessary)

    chances are with the right tools you will be able to narrow the traffic down to a few IP addresses and just shut them down, clean them, and let them back in.

    good luck.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  3. #3
    Thanks XTC46..

    I will try your valuable suggestions practically. I have tried ethereal, but not able to detect the exact problem. What types of packets should I look to solve the problem? Shall I use any Enterprise version antivirus software to detect network viruses(welchia,nimda)? will You suggest me any good AV software?

    ... Viruss
    Be Cool ..


  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    You might try pulling one of the noticeably affected machines and scanning it for malware in safe mode.

  5. #5
    which software shall I use to scan thoroughly? Another question comes in my mind that connecting network in ring type topology will make LAN slow? is there any broadcasting done by unmanage switch ?

    sorry for asking such silly questions..
    Be Cool ..


  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    PC-Cillin, Kaspersky, AVG, McAfee will all probably do the job. I am not a fan of Norton, particularly in an environment where you already have a problem of it running slow. As you can get trial versions, you might like to try more than one?

    I would also get SpyBot S&D and AdAware SE.

    Remember, update everything and run it in safe mode.....................this is why I am suggesting you pull a machine and check that to see if you do have a malware malware problem, and if so, its extent.

    It might even be worth putting a local software firewall on the machine and re-connecting it to see who tries to connect, and on what ports.


  7. #7
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    if you are using ethereal try turning a machine on and not running any programs, if it starts broadcasting more than what it should than you have a problem. Also try going into a command prompt and typing in "netstat -a" without the quotes. that will show you all open ports and what their state is. if you see any strange connections take that machine and scan it with an antivirus and adaware.

    make sure all scans are in safemode.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  8. #8
    Member
    Join Date
    Sep 2004
    Posts
    77
    LANs slowdown is a big problem in many parts of the world. This is mainly due to spyware and malware being downloaded into your machines from the Internet. Once a host program is downloaded into your machine, it starts broadcasting data packets at exponentially increasing and alarming rates.
    Use some personal firewall and one Antivirus onto your machines. Monitor logs from the firewall and see which machine on your network is initiating the packet attacks etc inside your LAN. Clean those machines afterwards which have been detected to be infected.

  9. #9
    Senior Member
    Join Date
    Mar 2004
    Posts
    557
    Hi

    One source of problems has been thoroughly discussed (gauravjulka ,
    do you actually read previous posts before posting? I do not want to
    be rude, since sometimes it is good to paraphrase, elaborate or add
    additional information.).

    But from las 1-2 months our LAN becom slow.
    I am not sure, what that means. From every node to every node or just from
    some boxes to a few other boxes? Is one of the switches damaged? Collisions?
    Is one of the NIC's damaged and throwing electronic noise on the cable
    (I actually had this recently in my home network)? Cables ok?
    Does the spanning tree really eliminate all possible loops? Check your network
    topology drawings (Visio does really a nice job of illustrating these kind of issues).

    I would try to proceed as follows:
    physical layer ok? hardware?
    data link layer ok? spanning trees, loops?
    ...
    malicious activity?

    Note, besides "ordinary" loops, there is the issue of bridging loops in the STP
    environment, which comes from a port that should be blocking, but is forwarding
    traffic instead[1]

    Cheers.

    [1] http://www.cisco.com/warp/public/473/16.html
    If the only tool you have is a hammer, you tend to see every problem as a nail.
    (Abraham Maslow, Psychologist, 1908-70)

  10. #10
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    Sec_ware, I think you have the order to check tings mixed up. In my opinion starting from hardware failure is generally a bad idea becasue in a network this size there could be a problem almost anyware. you want to start with the easy/obvious possibilities first. If the slow down is just in the last month or two it probably is malware (which has been pointed out over and over again) from there I agree take a look at some network diagrams (visio is my fav also) and see where else the problem can be. check your logs for collissions, errors, time outs. things of that nature. THEN if all else fails start testing cables and all that good stuff. Token ring networks are generally slower, and you may want to look into upgrading to a better topology (if time/money permits) most common are star topologies.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •