Typically, links that are configured between Solace appliances—both for VPN bridge connections, and neighbor links for multiple-node routing—have performance parameters set by default through Command Line Interface (CLI) configuration commands that are ideal for connectivity over a Local Area Network (LAN) or high-speed Metropolitan Area Network (MAN).
However, when deploying Solace routers in a Wide Area Network (WAN), where long message round-trip times and high latencies are typical, Solace recommends tuning VPN bridge and neighbor link parameters to improve link performance over WANs. This is done using the following CLI command configuration options.
The CLI command configuration options available for tuning either VPN bridge or neighbor link parameters to improve link performance over a WAN include:
Enabling compression saves precious bytes on narrow WAN pipes, allowing a higher message rate over the WAN link.
To epitomize bandwidth use over a WAN, chose the compressed-data option:
- through the remote message-vpn Bridge CONFIG command when setting up a VPN bridge connection
- through the cspf neighbor Routing CONFIG command when setting up a neighbor connection for multiple-node routing
To prevent latency spikes due to TCP slow-start (possibly due to a combination of bursty traffic over long latency links), the network administrator can configure a higher initial congestion window size on the WAN link, so that a high initial bandwidth is available to be consumed. This initial congestion window is used after connection establishment or recovery from idle.
Refer to Configuring TCP Initial Congestion Window Size for command details.
To improve link performance over a WAN include, you also perform the following tasks for tuning VPN bridge link parameters.
To maximize Guaranteed Messaging throughput over a WAN link, it is often necessary to increase the window size for Guaranteed messages to compensate for the long round-trip times over the WAN. The window size indicates how many outstanding Guaranteed messages can be sent over the Message VPN bridge connection to the remote router, before an acknowledgment must be received by the sending router.
However, configuring an excessively large message spool window size on low-latency VPN bridge links can negatively impact network performance. Contact Solace for technical support before changing this parameter, as they can assist you in choosing the appropriate value for your network conditions.
Refer to Configuring Message Spool Window Sizes for command details.
To prevent transport congestion discards in a router, the egress per-client priority G-1 (Guaranteed 1) queue on the Message VPN bridge connection must always be able to accept a burst of messages as large as the Guaranteed Messaging window size.
Therefore, duly configure for the router that receives the inbound bridge connection, on the client profile assigned to the client username being used for that inbound bridge connection, the minimum number of messages that must be on the egress G-1 queue before the queue’s depth is checked against the maximum depth setting (thereby allowing the queue to absorb a burst of large messages that exceeds the number of allowed work units).
Refer to Configuring Egress Queue Minimum Message Bursts for command details.
Any topic subscriptions configured against a bridge link cause published messages matching that topic to be sent over the bridge link, even though there may not be any consumers for the message on the receiving router. Therefore, avoid wide-reaching wildcard subscriptions on bridge connections. Instead, use more explicit subscriptions that attract only the traffic that needs to be transported over the WAN. While this recommendation is good advice for any bridge link, it is especially important for WAN links, where bandwidth is at a premium.
Refer to Configuring Remote Subscription Topics for command details.
If the TCP maximum window size is set to less than the bandwidth-delay product of the bridge link, then the TCP connection operates below its maximum potential throughput. If the maximum window is set to less than about twice the bandwidth-delay product of the bridge link, then occasional packet loss will cause the TCP connection to operate below its maximum potential throughput as it handles the missing acknowledgments and retransmissions.
However, there are also problems with a TCP maximum window size that is set too large, so it is important to set this value appropriately for bridge connections. The ideal setting for the TCP maximum window size is approximately twice the bandwidth-delay product of the bridge link.
Therefore, duly configure the TCP maximum window size for the router that receives the inbound bridge connection, on the client profile assigned to the client username being used for that inbound bridge connection.
Refer to Configuring TCP Max Window Sizes for command details.
The following configuration practices may be used for tuning neighbor link parameters to improve link performance over a WAN.
To reduce bandwidth usage by the routing protocols, and ensure that messages are never sent to clients who should not be receiving messages from remote publishers, only enable the subscription export policy on those Message VPNs which need network-wide visibility. Leave all other Message VPNs at the default setting of not export subscriptions.
Set the subscription export policy for a given Message VPN the same for all routers in the network.
Refer to Enabling Subscription Exporting for command details.