Announcement

Collapse
No announcement yet.

Slow Citrix traffic over 877 ADSL2+

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Slow Citrix traffic over 877 ADSL2+

    I have setup an IPSEC Site to Site VPN across two Cisco 877 routers for clients to access a Citrix Presentation 4.5 Server. The VPN tunnel is up and passes traffic but I am finding that my users at the remote site are finding the link slow at times and the Citrix Server drops the connection. I have been thinking that may be fragmentation is the cause, but I have not been able to work out how to debug for this so far.

    I can only ping a packet of 1418 bytes over the VPN before I get a time out and for a packet over 1472 with the -f set I get the Packet needs to be fragmented response.

    What I am trying to work out is how can I improve an IPSEC VPN over ADSL2+?

  • #2
    Re: Slow Citrix traffic over 877 ADSL2+

    The 1472 packet size response is normal for Ethernet (1472 bytes of data + 20 byte ip header +8 byte icmp header + 14 byte ethernet header = 1514 byte ethernet MTU). You need to test for fragmentation from 1418 to 1472 with the -f option. Start at 1419 and work your way up one at a time until you get the fragmentation message. When you do you'll know that the ADSL connection is fragmenting it at that size. Add the ip and icmp headers to calculate the ADSL MTU. If it's smaller than 1472 then the ADSL connection is fragmenting the data.

    Comment


    • #3
      Re: Slow Citrix traffic over 877 ADSL2+

      Just found this nice utility to determine the path MTU. It might be helpful in pinpointing your problem.

      http://www.elifulkerson.com/projects/mturoute.php

      Comment

      Working...
      X