Do you want to make your Internet connection faster, or at least seem faster, without upgrading your circuits? There are a lot of ways to tune things up without touching the pipes. Here are some starting points.
The Internet has become so omnipresent that people don’t consider how much traffic they’re generating. Sometimes it’s obvious that someone is burning up the bits when you hear YouTube blaring from a monitor, but all the little bits and pieces of web browsing, Internet radio and obsessive checking of e-mail can and do add up, especially if you have a lot of users all on the same pipe.
Firewalls with content filtering can block inappropriate traffic during work hours, but you also might want to put some monitoring into place to see top talkers, top listeners and top applications. Open-source tools such as ntop are a starting point, or you can dive into commercial tools from manufacturers such as Ipswitch, NetScout Systems and SolarWinds.
If your virtual private network traffic seems slow, you might have fragmentation problems. VPN tunnels add overhead to IP, which means that a normal “full” IP datagram has to be broken in two. Sending the small one wastes a lot of resources, including bandwidth and router CPU, because IPsec VPN and TCP/IP overhead is more than 90 octets per datagram, even if the datagram carries just one byte of data.
Use a protocol analyzer to watch the traffic and look for IP fragmentation on your important applications. If you do find fragmentation, consider reducing the maximum transmission unit (MTU) from 1500 to 1440, which will leave room for the VPN tunnel’s IPsec header.
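One way to run that fragmentation check over captured packets, as an added example that is not from the original article: it reads the More Fragments flag and fragment offset from each IPv4 header and reports, per flow, how many datagrams were fragmented and how small the trailing piece was. The function names, addresses and sample packets are constructed for illustration, and packets are assumed to start at the IPv4 header with no options.

```python
import struct
from collections import defaultdict
from ipaddress import IPv4Address

IP_HDR = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options

def build_ipv4(src, dst, ident, payload_len, mf=False, offset=0, proto=6):
    """Constructed test packet: IPv4 header (checksum left at 0) plus zero-filled payload."""
    flags_frag = (0x2000 if mf else 0) | (offset // 8)  # offset is stored in 8-byte units
    hdr = struct.pack(IP_HDR, 0x45, 0, 20 + payload_len, ident, flags_frag, 64,
                      proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return hdr + bytes(payload_len)

def parse_ipv4(pkt):
    """Extract the header fields needed to recognise a fragment."""
    ver_ihl, _, total_len, ident, flags_frag, _, proto, _, src, dst = struct.unpack(IP_HDR, pkt[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    return {"flow": (str(IPv4Address(src)), str(IPv4Address(dst)), proto),
            "id": ident, "len": total_len,
            "mf": bool(flags_frag & 0x2000),        # More Fragments flag
            "offset": (flags_frag & 0x1FFF) * 8}    # fragment offset in bytes

def fragmentation_report(packets):
    """Per flow: datagrams seen, datagrams fragmented, smallest final fragment (bytes)."""
    seen, fragged, tail = defaultdict(set), defaultdict(set), {}
    for pkt in packets:
        h = parse_ipv4(pkt)
        seen[h["flow"]].add(h["id"])
        if h["mf"] or h["offset"] > 0:              # any piece of a fragmented datagram
            fragged[h["flow"]].add(h["id"])
            if not h["mf"]:                         # last piece: the small, wasteful one
                tail[h["flow"]] = min(tail.get(h["flow"], h["len"]), h["len"])
    return {f: {"datagrams": len(seen[f]), "fragmented": len(fragged[f]),
                "smallest_tail": tail.get(f)} for f in seen}

# Constructed capture: one flow whose 1500-byte datagrams were split in two,
# and one flow that fits without fragmentation.
SAMPLE = [
    build_ipv4("10.0.0.5", "10.1.0.9", 100, 1416, mf=True),
    build_ipv4("10.0.0.5", "10.1.0.9", 100, 64, offset=1416),
    build_ipv4("10.0.0.5", "10.1.0.9", 101, 1416, mf=True),
    build_ipv4("10.0.0.5", "10.1.0.9", 101, 64, offset=1416),
    build_ipv4("10.0.0.7", "10.1.0.9", 200, 1400),
    build_ipv4("10.0.0.7", "10.1.0.9", 201, 1400),
]

if __name__ == "__main__":
    for flow, stats in fragmentation_report(SAMPLE).items():
        print(flow, stats)
```

A flow where every datagram is fragmented and the trailing piece is under a hundred bytes is the pattern the MTU reduction is meant to remove.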
Encrypting Secure Sockets Layer traffic can take a burdened server and push it over the edge. Most load balancers have an option to handle the SSL encryption themselves, freeing the server CPU for application processing.
If you don’t have load-balancer appliances, start by putting them in — they will speed performance of web applications and enterprise tools such as e-mail by letting you take advantage of the parallelism of multiple servers without the nightmare of configuring Windows or Unix clusters.
Load balancers also help increase application reliability by making it easy to take systems offline for maintenance. Then, turn on SSL offload on the load balancers to give the application servers even more of a performance boost.
If your site-to-site connections could use a boost, wide area network optimization can provide a dramatic increase in performance by caching and deduplicating data and by working around some of the inefficiencies of the TCP protocol.
Look for links that have bandwidth-delay products (multiply the link capacity in bits-per-second by its end-to-end latency in seconds) of 1 million or more. These are ideal candidates for WAN optimization, whether done by appliances or network modules, or by manipulating TCP protocol settings in the registry of every single device at each end.
If you’ve been looking for a reason to justify upgrading clients to Windows 7 and servers to Windows 2008, this may be it, because Microsoft has included protocol-based automatic WAN optimization in the network stack since Vista.
Even if you don’t want to upgrade your connections, talk to your carrier and Internet service provider. You may find that you can get more bandwidth for the same money just by asking.
Everyone is on a tight budget, but your service provider likely won’t risk losing you to another carrier just to save a few dollars, so you probably can get an upgrade simply by bringing it up.
The service provider wants you to be happy, and bandwidth costs are dropping all the time. At contract renegotiation time, your organization will have even more leverage.