TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Our online store has been suffering significant performance impacts the last several
weeks. Real Secure on the CISCO monitoring port was the cause. I have been running
Real Secure for three years and subscribed to this list since its inception. Either I
have not been paying attention or this is the first I have heard of this issue. My
mantra of it is just a sniffer and will not impact the network has lost all
credibility. The following is a message from our network guys after talking to CISCO.
---start--
I have been working with Cisco tech support on the problem we have been seeing with
regards to the increased On-line response times during busy parts of the day. The
question posed to Cisco was, what impact does a monitoring port (Real Secure) have on
the overall traffic on the switch, if any.
The way it works is like this (re: Cisco 2900XL and 3500XL switches); A packet enters
the switch and is held in a shared memory buffer until it is delivered to it�s
destination port(s). The catch is, that it cannot leave the buffer until all
destination ports have been satisfied. If one port is congested and cannot receive
the packet, the packet must remain in the buffer until it can be delivered to the
congested port. When congestion occurs on a monitor port, slowing the delivery
process, the destination ports will also be slowed down!! So, if a monitor port is
receiving packets destined to all other ports on the switch and it becomes congested,
it would in turn slow all ports that it is monitoring! Not a good thing.
This seems to be the case with the 220 network. We disabled the monitoring port (Real
Secure) last week and the response times dropped. This is something that needs to be
addressed as quickly as possible. Since Real Secure is active on several critical
networks. (I am not sure if this applies to the 6500 and 5000 switches yet. The
ticket had to be transferred to the 5000/6000 switch support group.) As a temporary
fix, I have again disabled the monitoring capability on the 220 network. A longer
term solution may be accomplished by limiting the number of devices (ports) that are
monitored. If this problem is relevant only to the 2900/3500 family (pending), a
permanent solution could be achieved by use of a 5505 switch. This would require the
use of VLANS however. Things to consider.
-- end --
----------------------------------------------------------------
Get your free email from AltaVista at http://altavista.iname.com
