Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 29 replies
  • Answers 1 answer
  • Subscribers 9 subscribers
  • Views 72018 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Video conference performance drops

Winter7undra

If two devices on the network join a Zoom meeting, the video drops to about 5 fps and audio suffers just as poorly.

I can recreate the issue consistently and the issue only starts once the second device joins the meeting from LAN or WLAN and with multiple devices

 

Zoom Statistics say that there is 90%+ packet loss Sending & Receiving and warns that there is low bandwidth.

 

The Sophos is using less than 10Mbps for the video calls + normal network traffic (Max available Bandwidth 65Mbps Down & 10Mbps Up)

System Resource Usage is acceptable and never pins during this issue.

 

I have disabled IPS & UDP Flooding after noticing lots of UDP Flood logs but this did nothing.

 

 

What other logs or settings should I check to make sure its not a problem with the Sophos?

 

Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    Hi and welcome to the UTM Community!

    You'll want to be aware of Rulz, especially #1 because we still need to know what's in the IPS log when two devices are on Zoom.

    Also, you didn't say what device UTM is running on or what version you're using - 9.506?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    We are running 9.509-3 Below is a screenshot of a portion of the IPS Live Log while the video conference is happening. Eth0 is LAN & Eth1 is WAN

     

    Thanks!

  • 0 in reply to BAlfson

    Ok so I've made some interesting discoveries but still no solution to this.

     

    In my testing I have put two devices on a completely separate WAN\Network and then left one on our main network while running some test meetings. 

    Once the 3rd device joins the meeting, Zoom clients shift the meeting from each other's WAN IP's to Zoom servers. Its at this point that I notice a large amount of OUTBOUND Packet fragmentation as seen in the screenshot. It gets to the point where every second OUTBOUND UDP packet from our network is fragmented and reassembled. Inbound packets are not fragmented nor is there a drop in external video quality.

     

    I adjusted our WAN MTU as I noticed that it was set to 576 for some reason, its now 1500 but still no luck.


    Before the 3rd device joins the meeting there is little to no packet fragmentation and packet lengths can be 1100~ (bigger than some packets sent during the 3 person meeting).

    WireShark Packet captures in a completely separate network show none of this fragmentation.

     

    Any other thoughts?

     

     

    Thanks!

  • 0 in reply to Winter7undra

    576?  Shame on your ISP!  Still, you should check with them to see if 1500 is correct for your connection.

    Then, if the problem is with outbound packets, try setting the MTU on the internal interface to a lower number and then move up until you see what begins to cause fragmentation.  Any luck with that?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    So I was unable to change the MTU as the Interface would automatically change back to 576. However after changing our ISP a couple days ago I've been able to adjust it. Ive changed the WAN MTU to 800 after testing streaming and other types of web browsing, this seemed to suit our needs as 1500 would create some buffering problems for some sites. I also found that speed tests wouldnt go as high as they should so I created a Test LAN Interface and set its MTU to 768. 768 was the largest frame size I could use to ping Zoom servers and with Dont Fragment option set.

     

    Speed tests are now showing 300 DL and 300 UL and using wget confirms these speeds. Yet despite all this and jacking directly into this Test LAN interface (bypassing our LAN's HP Switch) Outbound Zoom traffic is still fragmenting and meeting quality is awful. 

     

    Ill continue to test but wanted to provide an update.

     

    Thanks!

  • 0 in reply to Winter7undra

    Hello Winter7undra,

    Im curious if you came to a conclusion on this problem, I'm having the exact same issue, except its concerning conferences in MS Teams.

    One-on-one works flawlessly, but 3 or more participants leads to massive packet drops (some Teams report says up to 98%) at our end.

  • +1 in reply to Paul-IL

    Hey Paul,


    The issue was two fold. The WAN MTU being too small and something on our ISP's end kept changing it back to a lower value. Because of other reasons we switched ISPs and the MTU remained at 1500 which fixed the issue. Hope that helps :)

  • 0 in reply to Paul-IL

    Hi Paul,

    Did you get anywhere with this?

    I have exactly same issue, I have 2 WAN connections on the UTM and if I NAT teams UDP traffic it out via one line it is fine, but not the other or leaving it load balancing.

  • 0 in reply to Alistair Carr

    Awrite!  Welcome to the UTM Community, Alistair!

    Please show pictures of the Edits of any relevant Multipathing rules.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to Alistair Carr

    Hi,

    In my case it was the UDP Flood Protection that caused the issue (under Intrusion Protection \ Anti D-dos/Flooding). This is disabled by default, but enabling it with values roughly 2000 pps (Source) / 3000 pps (Dest.) should make conferences bearable. I have not done any further experimentation, no more complaints so far.

    I also enabled "TCP window scaling" under Firewall - "Advanced" tab.

  • 0 in reply to Paul-IL

    This helped us. Our TCP window scaling and UDP flood protection were already turned on, but UDP flood protection was set to 200/300 pps source/destination, respectively. We then set it to 2000/3000 and this helped a bit, but we still couldn't get more than 2 people at a time without both video and audio becoming unlivable. We then turned UDP flood protection off completely and we can now add as many as we need and there is no drop in performance. 

    Forgive the noob question, but what are the ramifications of leaving UDP Flood Protection off? 

  • 0 in reply to Paul-IL

    I added a UDP Flood exception under Network--Intrusion Prevention--Exceptions and will report back if it helps or not.

    Here are the IP's used by ZOOM as well, however, I only used the DNS Host *.zoom.us to start

    https://support.zoom.us/hc/en-us/articles/201362683-Network-Firewall-or-Proxy-Server-Settings-for-Zoom

Reply Children
No Data
Unfiltered HTML