Superspeed your network for free... or nearly

The rear of a router with an Ethernet cable inserted into a slot
(Image credit: Getty Images)

A slow network hampers your productivity, and it’s also frankly embarrassing – it sends a message to your staff, and to any external parties who may access it. It’s an area, though, in which major improvements can frequently be made with some tweaks to your settings that don’t cost a penny, aside from the engineer time and expertise required to implement them.

Getting the required results isn’t necessarily straightforward, because there are so many ways a network can be slow. One business I shall not name used a cheap Wi-Fi base station and a corporate Dropbox account for storage and collaboration. The network was fast enough for day-to-day work, but not for continually syncing large amounts of data to and from everyone’s computer, resulting in workers having to hang around and wait for all their data to come down the line before they could leave for the day.

There’s a major divide as far as a large proportion of companies are concerned, though, and that’s wired versus wireless networks. There are all sorts of fundamental differences between these two networking models. For example, you could spend thousands installing a top-speed Wi-Fi 6 connection, while a patch cable can be bought using the dusty old pennies in the bottom of the office coffee kitty.

Marketing teams want us to believe pricier Ethernet cables equate with higher quality, just as we’ve been told, for decades in the hi-fi market. There are a litany of cables available for roughly £30, although the quality of most cables is high enough quality to survive even the most benign of office environments. Their main adversary is the office chair castor wheel – a device capable of delivering hundreds of kilos of crushing force per square inch. I recommend you think of an Ethernet cable as a consumable item, like a toner cartridge or light bulb. Once it's crushed, chewed, stretched, kinked or cut, that's the end of it. Not too long ago I ran a cable tester over all of a client’s leads and found 60% were degraded in some way – which can lead to all sorts of intermittent performance problems.

In fact, if you’re trying to tune up your network, a brilliant first diagnostic is to temporarily replace your wireless connections with a cable run. You might have to fiddle around because not every router configuration treats its Ethernet cable ports in the same way as its wireless clients. It's worth the effort, though, because your basic cable gives you an immediate indication of whether your speeds are being held back by the Wi-Fi, or by something deeper in the infrastructure.

If your wireless connection does turn out to be sucking the performance out of your network, there are ways to tune up your Wi-Fi, maximise its speeds and reduce interference. Often, though, the real solution is a hardware upgrade: that’s sadly unlikely to count as almost free, but it could still pay for itself in time if it lets staff work more efficiently.

A matter of protocol

In almost any network, wired or wireless, there are certain structures that you can tune for performance. It might surprise you how similar they are across both Ethernet and Wi-Fi. It's called Ethernet because, even though data doesn’t travel through the “ether”, the concept was originally based somewhat on running radio transmissions over a cable. When Wi-Fi came along, it wasn’t a problem to adopt the same philosophies and terminologies.

Setting an appropriate maximum size for your data packets, for example, can enhance efficiency, whether those packets are inside an eight-core copper cable or floating through the air. There's a lot of fossil knowledge that says “leave the MTU and packet size alone”, because back in 1994 many routers weren’t able to dynamically switch packet size according to the settings for each class of connection. This is no longer 1994, however, and there’s now more CPU power inside a network card than you might have had in an entire computer. We no longer need to cling to the idea that cheapness and simplicity are virtues in network traffic infrastructure; we’re finally free to take full advantage of all the features that were envisaged when the standard was originally drawn up.

Turning on Jumbo Frames in your PC's Ethernet card settings isn't a magic-bullet hack, though, and you shouldn’t expect a blinding flash of power. Rather, it should give you a small increment of speedup, and turning on full duplex transmission and flow control – while perhaps turning off energy-saving features – should do the same, adding up to a worthwhile performance improvement. Of course, these features need to be supported and enabled at both ends of the cable – which brings us into the daunting but important world of network switches.

What's in a name? Switches decoded

Is your switch managed, or not? In band, or out? Can you run cable diagnostics from it? What about OSPF, trunking, and fibre support? The language of network switches seems to be designed to be discouraging, which is a shame because having the right one, and configuring it correctly, is key to running a fast and secure business network.

It doesn’t have to be all that complicated. A managed switch is one that lets you set those key tuning parameters at the switch end, so the PC doesn't have to be in the right mood to get the right negotiation of link speed and protocol. There’s also a spread of hardware and configurations to allow for the broad range of different business interests reliant on network switching. Some companies have to record every single packet, in case it turns out to be important in an international market, options trading, or high-powered finance environment. Others do a lot of their customer work on the phone, so they opt for a VoIP-friendly switch, which will have quite different design priorities to those made for hosting centres or networks where the majority of the traffic is between virtual machines.


Successful enterprise application modernisation requires hybrid cloud infrastructure

Optimise business outcomes with a secure and reliable modern infrastructure


Then we get into layers. You might well have heard of Layer 2 switches versus Layer 3: these designations refer to the ancient but still vitally important ISO seven-layer networking model. Layer 2 is machine addresses, so a Layer 2 switch lets you divide up your LAN into VLANS, whose traffic mostly does not need to intermingle. A Layer 3 switch goes a stage further by managing IP addresses for VLANs and allowing a framework of routes and little cul-de-sacs of machines to be built out of each other's way. There are Layer 4 switches, too, which analyse the traffic itself and make realtime routing and priority decisions – but if you’re in a business that requires that sort of technology, you probably already know all about it.

If performance is your priority, then it may be a mistake to pursue complex topologies anyway. The more complicated the network environment, the more slowly it tends to run. If you mix up a hundred VLANs and pass them all down a VPN tunnel, don't be shocked when the whole thing just about grumbles up to 256kbits/sec.

Instead, you can think about simplifying and minimising the amount of traffic that’s exchanged. One recent IT buzzphrase is zero trust, which is the idea that every object, device and cable on your network should have an identified device that uses it, and nothing else, connected to a nominated switch port and with a list of traffic types it may accept. This may sound radical but it can be done pretty cheaply – quite a lot of it is executing a design, typing in a bunch of addresses and port ranges and so on. Almost any decent Layer 3 switch could be used to set up a network like this, and once you chop out the chattering nonsense, the traffic you don't normally bother to identify and cut out, then your network is quite likely to run better.

The catch is in the upkeep. Making an initial zero trust design isn't too hard, but you have to grow and maintain it every time something changes on your network. For every new service or device on your network you have to decide what access is legitimate. This is where thinking architecturally pays off. Given a single L3 switch, you can have several subnets, some of which are zero trust – the ones with the users on – and others which are unfiltered within their own boundaries. If you don’t already have an L3 switch then this might not exactly be a free upgrade, but you don’t need the latest and greatest hardware.

Going IPv6

IPv6 has had pretty poor PR within the business networking world. It’s major advantage is that each device gets its own globally unique address; this makes the burden on big continent-scale routers considerably lower, but for most businesses that’s either irrelevant or a security concrn. The standing advice when network tuning or product testing has been to turn off IPv6, debug everything in v4, and only re-enable IPv6 later if you need to.

There was a lot of sense to that outlook when IPv6 was relatively new. The default everything-on setting was fine for standard components, but it’d trip up badly behaved installs if the network layer didn’t fully implement IPv6 as expected. We must give thanks to those who have spent the intervening years debugging their code, because nowadays it all seems to work pretty well: your machines should all be happily able to pick up link-local addresses and reach one another through the IPv6 address space without any particular need to fall back on IPv4.

The remarkable thing is, because of the way IPv6 can be encapsulated over IPv4, you don’t even require a dedicated IPv6-capable network switch to make it all work. If you want to connect to the internet over an all-IPv6 connection, that’s possible too, either through a VPN or modern hardware and a cooperative ISP.

On its own, switching to IPv6 will make almost no difference to your internal network speed, though. The major boost comes if you manage to line up all the tweaks mentioned so far. If you can turn on jumbo frames, and flow control, and prevent the switches from trying to negotiate the wrong duplex setting, then IPv6 is the icing on the cake – at least, for operations that run in a standard Windows-supported way.

10GbE and faster

If you want to ensure your data is whizzing around the building at top speed, then 10GbE is the standard to aim for. 40GbE and 100GbE standards do exist, but the hardware is prohibitively expensive, and the interconnects aren’t cheap either. Meanwhile, a 10GbE card can be easily had for under £100, and it should be at least partly operational with your existing wiring.

You’ll still need to budget for a 10GbE switch, but something like the Netgear Pro GS110TPv3 can be had for a tad under £200. This is a decent basis for performance experimentation; a lot of supposedly 10GbE devices will immediately fall down to lower connection speeds if your configuration isn’t precisely to their liking. You need to be sure you’re getting the performance you thought you were paying for, so go through all the checks I’ve mentioned, and make sure you apply any required software tweaks to make your various machines use the infrastructure properly. Moving to 10GbE is by no means a drop-in upgrade.

Frustratingly, the spread of support for 10GbE has been slowest in exactly the market you’d most want it – cheap, large-capacity storage devices. Generally, only the bigger NAS appliances (those with eight drive bays or more) are currently offered with integrated 10GbE ports. As hard disk sizes continue to grow, however, we’re at the point where it’s perfectly feasible to deploy a two-drive NAS box with 36TB of storage; hopefully the market will soon catch up to a point where it’s possible to access all that data at the full speed the drives are capable of.