OK - I have a few years of networking experience, but I may have run into a fundamental "TIFU".
Months ago, we noticed poor performance downloading files from S3 (us-east-1) to our office (based overseas); we were getting just about 1-2 Mbps. After messing with MTU, MSS, and other knobs, I decided to take the big-hammer approach and we ordered a 50Mbps DirectConnect with a "Public" interface - Basically, AWS advertises all of their IP space (using BGP) down a 50Mbps L2 connection to my router. The L2 connection terminates inside an AWS rack.
...Well, I got it up-and-running, but we're still only seeing only 8Mbps on single HTTP requests. Our DirectConnect partner is telling me that 8Mbps is to be expected with 100Mbps (temporarily upgraded) and 130ms ping times.
Is he right? Is this the first time that "ping time" should have meant more to me than "time-to-first-packet"? Did I just send my company down an expensive rabbit hole that doesn't fix our problem?
EDIT:
I should add another "slow" use-case - We chose a "Public ViF" because we required increased performance of S3 traffic. As a side-effect, we though our AWS VPN connections would go faster, as those VPN endpoints are also advertised through the DirectConnect L2. Because these are IPSec VPN's, all traffic through the tunnel is effectively _one flow_ - As such, our VPNs are _also_ limited to the same ~8Mbps.
Yes, a Private ViF may perform better.
No comments:
Post a Comment