Geekzone: technology news, blogs, forums
Topic # 205848 29-Nov-2016 17:49

Hi

Because I work from home I have divided my home network into two subnets; for simplicity's sake I'll call them Work and Home. I have turned off DHCP on the modem/router supplied by my ISP and added a Raspberry Pi as my DHCP server. I've attached a schematic of the network which shows how several devices are connected together. (The actual network is quite a bit more complex than this but I've reproduced the problems I'm having with the cut-down version shown in this diagram.)

All cables are cat6, both hubs are Dlink DGS1008D (hence gigabit), and every device is connected via a gigabit network connection except for the pi which is 100M.

I am having three issues which are probably related but wonder if anyone can help me with an explanation for what I'm seeing so that I can address them.

1. File transfer speeds are very different depending on the subnet.
a. Transfers between 192.168.0.4 (a Synology Diskstation) and 192.168.0.21 (my homebuilt desktop machine) run at 100Mb/s.
b. Transfers between 172.16.9.5 and 172.16.9.4 run at 10Mb/s.
c. Transfers between 172.16.9.5 and 192.168.0.4 run at 1Mb/s.

2. Although the pi is not on the same hub as either the XPS15 or the Diskstation, when copying files between them - (c) above - the pi receives approximately 10,000 IRQ32 interrupts per second. For comparison, when copying within either subnet - (a) or (b) above - the pi receives approximately 700 interrupts per second, which is the same number as it receives when the network is idle.

3. I don't know whether it is relevant or not but the only difference between the two subnets is that the DHCP service on the pi points machines on the Home subnet to do DNS lookups externally (using my ISP's name server or Google's as a fallback), while machines on the Work subnet use the pi so that they can resolve addresses in the VPN which my work machines are connected to (the pi is running OpenVPN to enable this). But even if the only activity in the network is copying my backup files from the work XPS15 to the home Diskstation, the 'named' (DNS) and 'openvpn' processes on the pi are CPU bound. When the backup finishes, they revert to 1% CPU at most. This means that when the backup *is* running any other network activity in the work subnet is prone to time out, and connections to other sites in the VPN are dropped.

Issues 2 and 3 would cease to be problems if the backup transferred at the speed it should be capable of.

Anyone got any helpful ideas?


cheers
T


  Reply # 1679690 29-Nov-2016 18:54
One person supports this post

Why have the different subnets? With no VLANs for isolation it's pretty pointless.

BTW you have switches, not hubs. They're two very different things!


  Reply # 1679692 29-Nov-2016 18:54
One person supports this post

We will need the gateway addresses (and subnet masks for anything that isn't /24). Traceroutes between the hosts would help. I presume the Pi is routing stuff you wouldn't want routed, and possibly routing via your VPN in the worst performing situations.




  Reply # 1679749 29-Nov-2016 19:47

To sbiddle:

Yes switches not hubs, sorry.

By organising things this way only the pi needs certification for the VPN and any machines that attach to the work subnet will automatically have access to it. I maintain dhcpd.conf and private.db tables on the pi and that all works. The work machines can access home subnet devices (printers, scanner, NAS, etc.) either by IP address or by qualifying the node name (e.g. br4570cdn.home). Meanwhile the work subnet is effectively invisible to the home subnet.

To gbwelly:

The (work) XPS15
--------------------

Host name: tarkus
Primary DNS suffix:
Node type: Hybrid
IP routing enabled: No
WINS proxy enabled: No
DNS suffix search list: uk.worknetwork.com

Connection-specific DNS suffix: uk.worknetwork.com
IPv4 address: 172.16.9.5
Subnet mask: 255.255.255.240
Default gateway: 172.16.9.1
DHCP server: 192.168.0.1
DNS servers: 172.16.9.1

tracert 172.16.9.4
Tracing route to phaedra.ik.worknetwork.com [172.16.9.4]
1  <1 ms  <1 ms  <1 ms  phaedra.uk.worknetwork.com [[172.16.9.4]

tracert 192.168.0.4
Tracing route to diskstation.home [192.168.0.4]
1  <1 ms  <1 ms  <1 ms  172.16.9.1
2    1 ms     1 ms  <1 ms  diskstation.home [192.168.0.4]

The (home) desktop
----------------------

Host name: maestro
Primary DNS suffix:
Node type: Hybrid
IP routing enabled: No
WINS proxy enabled: No
DNS suffix search list: home

Connection-specific DNS suffix: home
IPv4 address: 192.168.0.21
Subnet mask: 255.255.255.0
Default gateway: 192.168.0.254
DHCP server: 192.168.0.1
DNS servers: 8.8.8.8, 8.8.1.1

tracert 172.16.9.5
Tracing route to 172.16.9.5
1   2 ms   3 ms   3 ms  192.168.0.254
2   ~       ~        ~      Request timed out.
3   ~       ~        ~      Request timed out.
etc.

tracert 192.168.0.4
Tracing route to diskstation [192.168.0.4]
1  <1 ms  <1 ms  <1 ms  192.168.0.4

Obviously uk.worknetwork.com is not the real address :-)

Is there anything else you need?

cheers
T


  Reply # 1679755 29-Nov-2016 20:08

So it's going through the pi, which has trash network performance at the best of times.





Richard rich.ms

  Reply # 1679791 29-Nov-2016 20:48
One person supports this post

Yea the 172 network only knows how to get to the 192 network because of the Pi. So all the traffic is pumping through the poor little Pi.

You really want your two networks to come from the main router terminating the internet connection. Or upgrade the Pi to something that can handle the traffic (i.e. Mikrotik).

But just wondering, is the Pi just NAT'ing the 172 out over the OpenVPN interface? Or is there a proper route for that subnet at both ends? If it is just NAT'ing out over the OpenVPN interface's single IP address then you could just use it as a secondary gateway on your network. Just change the 'Work' PCs to be in the 192 network but manually set the gateway/DNS addresses on those machines to the Pi's IP. That way all your local traffic is just going through the switches and internet bound traffic goes over your VPN.

Otherwise, get rid of the 659, put in a proper router with OpenVPN capabilities and set it up properly.


  Reply # 1679796 29-Nov-2016 20:56

Buy an odroid - similar to the pi, but a real gig ethernet interface on it not a bodge job of a USB to 100 megabit adapter. They can do pretty damn good speeds and are not much more than a pi.





Richard rich.ms



  Reply # 1679861 29-Nov-2016 22:44

Thanks everyone, at least I know what's going on now. The odroid looks interesting, I'd never heard of it before. Have you seen one in the wild?

cheers
T




  Reply # 1680175 30-Nov-2016 16:21

The fix is easy when you see it. The Synology NAS has four LAN ports so that it can support link aggregation (which I don't use). So it's easy to run a second cable to it and let the DHCP server allocate one connection to the home network and the other to the work one. There is no pi bottleneck any more, hooray.
Might still look at replacing the pi with an odroid or a NUC in the future though.

Cheers
T
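
The routing behaviour worked out in this thread (inter-subnet traffic crossing the Pi at 172.16.9.1, and the second NAS cable removing that hop) can be reproduced with a small on-link/gateway calculation. This is an added example, not part of any post; the addresses come from the ipconfig output earlier in the thread, except the NAS's work-subnet address 172.16.9.6, which is an assumed value.

```python
import ipaddress

def next_hop(interfaces, gateway, dest):
    """Mimic a host's first routing decision.

    interfaces: the host's own addresses in CIDR form, e.g. "172.16.9.5/28".
    Returns ("on-link", source_ip) when dest lies inside a connected subnet
    (frames go straight through the switches), else ("gateway", gateway).
    """
    dest = ipaddress.ip_address(dest)
    best = None
    for cidr in interfaces:
        iface = ipaddress.ip_interface(cidr)
        # Prefer the most specific connected network (longest prefix).
        if dest in iface.network and (
            best is None or iface.network.prefixlen > best.network.prefixlen
        ):
            best = iface
    if best is not None:
        return ("on-link", str(best.ip))
    return ("gateway", gateway)

# Addresses from the ipconfig output in the thread.
# 255.255.255.240 is a /28, 255.255.255.0 is a /24.
TARKUS = (["172.16.9.5/28"], "172.16.9.1")        # work XPS15; gateway is the Pi
MAESTRO = (["192.168.0.21/24"], "192.168.0.254")  # home desktop
# After the fix the NAS has a second cable. 172.16.9.6 is an ASSUMED
# address; the thread does not say which one DHCP handed out. The NAS's
# default gateway is not given either and is not needed for this lookup.
NAS_AFTER = (["192.168.0.4/24", "172.16.9.6/28"], None)

def scenarios():
    return {
        "work -> work peer (b)": next_hop(*TARKUS, "172.16.9.4"),
        "work -> NAS before fix (c)": next_hop(*TARKUS, "192.168.0.4"),
        "home -> work laptop": next_hop(*MAESTRO, "172.16.9.5"),
        "work -> NAS after fix": next_hop(*TARKUS, "172.16.9.6"),
        "NAS reply after fix": next_hop(*NAS_AFTER, "172.16.9.5"),
    }

if __name__ == "__main__":
    for name, (kind, via) in scenarios().items():
        print(f"{name:28} {kind:8} {via}")
```

Only case (c) returns the Pi as the next hop, matching the tracert that shows 172.16.9.1 as hop 1; once the NAS has an address inside 172.16.9.0/28, both directions are on-link.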


  Reply # 1680272 30-Nov-2016 19:47

Problem is if you use the name of it, Windows is not that smart at resolving it to the one that is the fastest.




Richard rich.ms
