mysterious network performance problems

[number_nine]

We've got a server with multiple NICs, one of which is attached to a private network. Between our machine and the private network hub is a switch that we own, but our provider administers. One of our mission-critical applications communicates with this private network; delays on the order of milliseconds are very bad.

Recently, we've been seeing performance degradation on the order of 20ms. We rebooted the machine, and the situation improved. After some time (no more than a week), the performance problems returned. Again, a reboot fixed (or at least appeared to) fix the problem.

Unfortunately, none of us have the kind of network expertise required to troubleshoot a problem like this. I was hoping there are some network gurus on this forum that might be able to offer some suggestions, or some hints on where to start looking or even what questions we should be asking our network providers.

Any feedback is appreciated!
Thank you!

[erik258]

have you considered trying to find similar problems online concerning your exact variety of network card?

have you considered switching in another network card?

have you considered writing a cron job to simply unload the module for the card and reload it every 5 days or so? a workaround, but possibly a very effective one. of course, for it to work you'd need support for that card modularized, and all similar cards (same chip) in the system would go down when the problem nic went down.
_________________
Configuring a Firewall? Try my iptables configuration
LinuxCommando.com is my blog for linux-related scraps and tidbits. Stop by for a visit!

[number_nine]

[erik258]

maybe it isn't your card. that's a pretty reputiable name in network cards :)
_________________
Configuring a Firewall? Try my iptables configuration
LinuxCommando.com is my blog for linux-related scraps and tidbits. Stop by for a visit!

[think4urs11]

what about link speed and duplex settings for both the NIC and the switchport?
Check wether or not both 'think' the settings are in sync with each other or not.
If autonegotiation is used the problem might be easily fixed by setting the values on both sides to fixed values.
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself

[gerdesj]

[number_nine]

Think4UrS11 and gerdesj, thank you for your suggestions.

In fact, we did discover that our switch was hard coded to 100Mbs, full-duplex (i.e. auto negotiation disabled). However, our e1000 network card was set to auto negotiate.

I found out that, by default, when this specific situation occurs, that the e1000 driver will default to 100Mbps, half duplex. We discovered and remedied this problem a while ago, however.

Now we're afraid that someone upstream (i.e. out of our control) has made the same oversight. Unfortunately, I don't know how to test if that is the case or not.

Thanks again!

[gerdesj]

>>In fact, we did discover that our switch was hard coded to 100Mbs, full-duplex (i.e. auto negotiation disabled). However, our e1000 network card was set to auto negotiate.

Its a classic!

>>I found out that, by default, when this specific situation occurs, that the e1000 driver will default to 100Mbps, half duplex. We discovered and remedied this problem a while ago, however.

>>Now we're afraid that someone upstream (i.e. out of our control) has made the same oversight. Unfortunately, I don't know how to test if that is the case or not.

No, its not a card fault but the standard: In the event of autoneg failing then an interface will be able to work out the correct line speed but will not get the duplex and will default to half. So:

Switch forced at 100 full and a NIC left at autoneg. The NIC will get the 100 correct but default to half duplex.

As a result it is easy to determine when a mismatch occurs. Look for a NIC which is set to autoneg and is running at 100 half with dreadfull performance - its that simple and use ethtool to diagnose.

The simple rule is this: BOTH ENDS MUST MATCH - EITHER FORCED SPEED AND DUPLEX or AUTONEGOTIATION

The default of half duplex might seem silly but it is a hang over from the days of 10/half being the common set up. Back then the default of half in the event of autoneg failing was sensible. Nowadays no one runs 100/half (that I know of) but the standard has stuck. With gigabit there is no such thing as forcing the card - they all run at 1000/full but here you are plugged into a 100 bit port so it uses the standard for 10/100/half/full/autoneg.

When running at the wrong duplex, you should get quite a few errors, so why not use Cacti/MRTG or whatever to monitor the cards' error counts and notify you or really simple write a script run from cron that parses the output of ethtool and mails/pages you in the event of 100 half.

Cheers
Jon

[number_nine]