Hello, we have WildBlue and are having problems.
My husband works for HP and can work from home. We live in the country and can not get DSL or Cable. We have WB satellite, and when we first got WB for about three months it was wonderful. But now when he hooks up to the HP system, his connection becomes slower then dial-up.
We have talked to all the techs at WildBlue more then once but because our speeds are good when not connected to HP they can not help us. Not sure why they were great for three months and now super slow??
Is there something we can buy or do to help get faster connections to HP? Thanks for you time.
Satellite Internet Forum
Discussion, questions and answers about Satellite Internet Technology
Wildblue: Does anyone know what's going on?
11 posts • Page 1 of 1
Re: HELP! Does anyone know whats going on?
by kocca » Fri Sep 01, 2006 6:07 am
I assume the connection to work is via VPN. If so, the problem is one of satellite path latency versus VPN protocol, a protocol which was essentially designed for terrestrial broadband systems. Even on them VPN is slow, because of all the transmission acknowledgements required. Waiting for them to come back via satellite magnifies the issue tremendously.
There are a few VPN clients that claim to be "satellite friendly", but it's not likely your employer is going to buy the software for one employee who elects to work via satellite. FWIW, read item #30 on WildBlue Frequently Asked Questions.
kocca
There are a few VPN clients that claim to be "satellite friendly", but it's not likely your employer is going to buy the software for one employee who elects to work via satellite. FWIW, read item #30 on WildBlue Frequently Asked Questions.
kocca
- kocca
Re: HELP! Does anyone know whats going on?
by kocca » Fri Sep 01, 2006 8:39 am
I would only be guessing. Have you asked tech support to compare current SVT readings with the commissioning baseline numbers? That might show whether or not your dish moved, or maybe that your modem isn't ramping up the transmitter properly.
Another thing is that your VPN might prefer a static IP. None are available from WB, but it's possible to have the same dynamic IP address for up to a few months. Perhaps the IP address changed, affecting the VPN performance?
kocca
Another thing is that your VPN might prefer a static IP. None are available from WB, but it's possible to have the same dynamic IP address for up to a few months. Perhaps the IP address changed, affecting the VPN performance?
kocca
- kocca
performance problem is associated with the VPN
by pgannon » Thu Sep 07, 2006 1:11 am
Assuming the performance problem is associated with the VPN, you might suggest your husband ask if his company supports SSL-VPNs. He probably has an IPSec VPN, and because the original TCP data is packaged in a new VPN "envelope" the acceleration techniques used by broadband satellite vendors won't work.
SSL-VPNs encrypt the data, but leave the original TCP headers alone so that the acceleration techniques continue to operate properly. I have no familiarity with WB, but I was involved in the original DirecWay rollout and what happened was the first users got great service until more sites were added and the system became saturated. Because these systems always start with huge debt, the providers are unwilling to add more bandwidth until the system starts to show profitability.
However, since you indicated in your original post that the performance is satisfactory when connected to sites other than HP, the chances are pretty good that this is a VPN issue. If HP wants to keep IPSec VPN software on the employee PCs, and if they have enough employees using VSAT services to justify it - then you can have your husband direct HP to Packeteer who bought a company called Mentat some time ago. Mentat makes a solution to accelerate TCP on the user's PC before it hits the VPN software, but it requires an appliance at the HP site, as well as licensing fees for each PC using it.
Another solution, if HP is willing to consider it, is to take the VPN software off the PC, and use an appliance from Encore Systems called the Bandit. One box is required at the remote site and the data center. It operates similar to an SSL-VPN, insofar as it encrypts the data, but leaves the TCP headers alone, so the acceleration techniques work properly.
I'm just thinking out loud here, and have no idea if this will work, but it just occurred to me. A possible solution is to use a product called GoToMyPC and have your husband use that to remotely access his PC in his office which can connect to the HP network at full speed. I believe that the GoToMyPC product uses SSL for security, so the TCP Acceleration should work. It basically echoes the screen and keyboard to your PC at home, while the actual data connection is between the office PC and office network. If someone tries this and it works, please post the results.
Along the same lines, you might have him check and see if HP supports Citrix, which could also provide a similar capability.
Good luck, you aren't the first to encounter VPN performance issues over satellite. The best and simplest solution is probably an SSL-VPN as this connection operates very much like a secure credit card transaction on a web site - and I'm sure that works fine on WB.
It does strike me as strange that it worked well for a few months and then got worse. A possible reason is that WB may have added proxy servers in the path, and for technical reasons I don't understand, the data path is further degraded for VPNs. It could have something to do with the fact that the proxy servers are looking for TCP data, and IPSec VPNs are transported in UDP. I recall that there were similar issues with the Hughes service when they added proxy servers of some sort. The idea of the proxy servers (I guess) is to cache heavily used content in order to speed downloads, but addressing or protocol issues may create additional performance problems for VPNs. I haven't had anything to do with Hughes in years, so I can't comment on how they architect their network today, and I don't know if VPNs still have severe performance limitations on their service. The availability (or lack thereof) of public IPs could be a big part of the problem as mentioned earlier. DW did not give out public IPs in the early days. As mentioned by Gregg, dynamic IPs may be assigned for long periods of time. Type "ipconfig" at a DOS command prompt to get the currently assigned IP address, and change the IPSec configuration if it doesn't reflect the correct address.
Pat
SSL-VPNs encrypt the data, but leave the original TCP headers alone so that the acceleration techniques continue to operate properly. I have no familiarity with WB, but I was involved in the original DirecWay rollout and what happened was the first users got great service until more sites were added and the system became saturated. Because these systems always start with huge debt, the providers are unwilling to add more bandwidth until the system starts to show profitability.
However, since you indicated in your original post that the performance is satisfactory when connected to sites other than HP, the chances are pretty good that this is a VPN issue. If HP wants to keep IPSec VPN software on the employee PCs, and if they have enough employees using VSAT services to justify it - then you can have your husband direct HP to Packeteer who bought a company called Mentat some time ago. Mentat makes a solution to accelerate TCP on the user's PC before it hits the VPN software, but it requires an appliance at the HP site, as well as licensing fees for each PC using it.
Another solution, if HP is willing to consider it, is to take the VPN software off the PC, and use an appliance from Encore Systems called the Bandit. One box is required at the remote site and the data center. It operates similar to an SSL-VPN, insofar as it encrypts the data, but leaves the TCP headers alone, so the acceleration techniques work properly.
I'm just thinking out loud here, and have no idea if this will work, but it just occurred to me. A possible solution is to use a product called GoToMyPC and have your husband use that to remotely access his PC in his office which can connect to the HP network at full speed. I believe that the GoToMyPC product uses SSL for security, so the TCP Acceleration should work. It basically echoes the screen and keyboard to your PC at home, while the actual data connection is between the office PC and office network. If someone tries this and it works, please post the results.
Along the same lines, you might have him check and see if HP supports Citrix, which could also provide a similar capability.
Good luck, you aren't the first to encounter VPN performance issues over satellite. The best and simplest solution is probably an SSL-VPN as this connection operates very much like a secure credit card transaction on a web site - and I'm sure that works fine on WB.
It does strike me as strange that it worked well for a few months and then got worse. A possible reason is that WB may have added proxy servers in the path, and for technical reasons I don't understand, the data path is further degraded for VPNs. It could have something to do with the fact that the proxy servers are looking for TCP data, and IPSec VPNs are transported in UDP. I recall that there were similar issues with the Hughes service when they added proxy servers of some sort. The idea of the proxy servers (I guess) is to cache heavily used content in order to speed downloads, but addressing or protocol issues may create additional performance problems for VPNs. I haven't had anything to do with Hughes in years, so I can't comment on how they architect their network today, and I don't know if VPNs still have severe performance limitations on their service. The availability (or lack thereof) of public IPs could be a big part of the problem as mentioned earlier. DW did not give out public IPs in the early days. As mentioned by Gregg, dynamic IPs may be assigned for long periods of time. Type "ipconfig" at a DOS command prompt to get the currently assigned IP address, and change the IPSec configuration if it doesn't reflect the correct address.
Pat
- pgannon
Re: HELP! Does anyone know whats going on?
by kocca » Thu Sep 07, 2006 4:32 am
A proxy server is in the path only if:
a. the WildBlue Optimizer utility has been run on the affected PC, or
b. if a proxy server is manually entered into the browser/VPN client connection properties.
If either of the above applies, the proxy path can be bypassed by removing the server address from the appropriate connection properties. Maybe even by uninstalling the Optimizer, but I wouldn't count on that.
kocca
a. the WildBlue Optimizer utility has been run on the affected PC, or
b. if a proxy server is manually entered into the browser/VPN client connection properties.
If either of the above applies, the proxy path can be bypassed by removing the server address from the appropriate connection properties. Maybe even by uninstalling the Optimizer, but I wouldn't count on that.
kocca
- kocca
Re: Wildblue: Does anyone know what's going on?
by danny_sadler » Sun Feb 11, 2007 7:36 am
neither wildblue or hughesnet supports VPN. not to say it will not work, i have seen it work on both. it is always slow. the only VPN i have seen that works fairly well is the web based VPN.
- danny_sadler
Re: Wildblue: Does anyone know what's going on?
by HVYMTL » Fri Mar 16, 2007 3:19 am
No experience with your service but - use the Hughesnet with static IP, 7700 modem, VAR 512/2mb and also iDirect 350/1mb service at two sites. These are at the remote sites. The office runs MS 2003 small business server & firewall for cable connection to internet. We run a Enterprise2003 server with Citrix Presentation server ver.4 to lower bandwidth requirements and latency reduction for remote clients.
Clients establish a VPN connection to SBs server, then run Citrix to connect to a VMware Win98 machine to access old NT4 sever running as a VM server. A complicated arrangement, all aimed at providing dial up type speeds and responses to eliminate long distance $$$ charges from outside the US.
Our project is successful, but will never exceed dial up speeds, unless we invest in another investment in VPN acceleration appliances on each end for another 5-10K. Citrix works very well to reduce bandwidth requirements and help offset latency affects. We are happy with dial up speeds and no long distance charges of $800 a month.
Clients establish a VPN connection to SBs server, then run Citrix to connect to a VMware Win98 machine to access old NT4 sever running as a VM server. A complicated arrangement, all aimed at providing dial up type speeds and responses to eliminate long distance $$$ charges from outside the US.
Our project is successful, but will never exceed dial up speeds, unless we invest in another investment in VPN acceleration appliances on each end for another 5-10K. Citrix works very well to reduce bandwidth requirements and help offset latency affects. We are happy with dial up speeds and no long distance charges of $800 a month.
- HVYMTL
Re: Wildblue: Does anyone know what's going on?
by suezqszoo » Fri Mar 30, 2007 6:46 am
I KNOW WHAT IS GOING ON 
. Due to their satellite being over crowded; in November Wildblue turned up their latency. Now latency can be over 3000 ms which is NUTS!! It used to be 600ms or less. If you notice you will be getting over 40% packet loss also. That is why instant messenger times out and pages won't load sometimes.
I too used to work from home using a vpn connection. Now am stuck driving into work! It was perfect for almost a year. Then stopped working and dial up is slow but a lot faster than my 80 dollar a month useless WildBlue connection. Wildblue also changed their contract which used to say if you were paying for 1500 down you would get 80% of that. BUT now they guarantee NOTHING!!! So my suggestion would be either go back to dial up or find another satellite provider. WildBLUE is useless! Good Luck!
. Due to their satellite being over crowded; in November Wildblue turned up their latency. Now latency can be over 3000 ms which is NUTS!! It used to be 600ms or less. If you notice you will be getting over 40% packet loss also. That is why instant messenger times out and pages won't load sometimes.I too used to work from home using a vpn connection. Now am stuck driving into work! It was perfect for almost a year. Then stopped working and dial up is slow but a lot faster than my 80 dollar a month useless WildBlue connection. Wildblue also changed their contract which used to say if you were paying for 1500 down you would get 80% of that. BUT now they guarantee NOTHING!!! So my suggestion would be either go back to dial up or find another satellite provider. WildBLUE is useless! Good Luck!
- suezqszoo
Re: Wildblue: Does anyone know what's going on?
by gilcabo » Wed Apr 11, 2007 11:28 am
I don't think your statement is accurate.
I've been installing WB for about a year so far and I have not found any problems with the service. I have over 100 customers so far and believe or not, no one has cancelled their service.
I have had problems with the service. For example, the most common is a bad tria. They have failed a lot lately.
If you have the service and you're getting a slow connectivity please call wildblue and schedule a service call. Ask your installer to replace the tria and try it immediately. The connectivity will become faster and you will enjoy the service again.
It's true, WildBlue has been very successful and they over crowded the satellite but they suspended installations immediately. It was approximately in March 27th when they release installations with the new satellite WildBlue-1. Try it and please let me know at gcservices@wildblue.net and if you have further questions please don't hesitate and drop a line or two.
Regards,
Gil
I've been installing WB for about a year so far and I have not found any problems with the service. I have over 100 customers so far and believe or not, no one has cancelled their service.
I have had problems with the service. For example, the most common is a bad tria. They have failed a lot lately.
If you have the service and you're getting a slow connectivity please call wildblue and schedule a service call. Ask your installer to replace the tria and try it immediately. The connectivity will become faster and you will enjoy the service again.
It's true, WildBlue has been very successful and they over crowded the satellite but they suspended installations immediately. It was approximately in March 27th when they release installations with the new satellite WildBlue-1. Try it and please let me know at gcservices@wildblue.net and if you have further questions please don't hesitate and drop a line or two.
Regards,
Gil
- gilcabo
Re: Wildblue: Does anyone know what's going on?
by Iv&Mar » Thu Apr 12, 2007 3:19 am
I agree with the above contributor. If you are having problems then get WB to help diagnose and resolve it. In case anyone wonders what is a TRIA: it is a "Transmit Receive Integrated Assembly". In the case of Wildblue it is the sealed electronic module under the antenna arm that comprises a Ka band LNB, BUC, filters and feed horn assembly.
- Iv&Mar
11 posts • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 0 guests
News
Site map
SitemapIndex
RSS Feed