
NIC throughput tanked after gigabit upgrade

I have been running UTM 9 at home for over a year now with no big issues.  My home switch has been a Cisco 3550 fast-e based switch, and this week I upgraded to a Cisco 3560 gigabit switch (also recently got gigabit fiber to the home).  I have these two interface cards in the UTM box:

eth0: D-Link System Inc DGE-528T Gigabit Ethernet Adapter
eth1: Intel Corporation 82567LM-3 Gigabit Network Connection

On the fast-e switch, everything ran fine with decent throughput as measured by speedtest sites and general observation.  When I move everything to the new switch, performance tanks, and speedtest sites actually error out.  Looking at the switch, I see port speeds from my computer, the UTM (inside and WAN ports), and the modem all synced at 1000/full with no errors or dropped packets.  However, when I shell into the UTM CLI, I am seeing a ton of dropped packets on the inside interface.  Interfaces & Routing --> QoS --> Status shows 1024 Mbps available on both interfaces, and I don't have any kind of throttling configured. 

Also as info, if I bypass the UTM and go directly to the modem or the VLAN on the switch that is connected to the modem north of the UTM, speedtest results look *much* better.  It appears to me that the UTM is not properly handling the interface speeds.  I am on UTM 9.407-3.

Any suggestions?  TIA for input.

 

Andy



This thread was automatically locked due to age.
  • Check your interface MTU.  It should be 1500.  If it is 576, you need to log into the UTM via ssh and fix some stuff.  hxxps://community.sophos.com/products/unified-threat-management/f/hardware-installation-up2date-licensing/80641/sophos-utm-9-407-3-released/306871#306871

  • Is your current speedtest lower than when you were connected to the fast ethernet switch, or is it higher but not as high as you had expected?

    In the latter case, this can be caused by IPS and/or web filtering. Any chance this could influence your throughput?


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Yes, significantly lower.  With the fast-E switch, I was getting anywhere from 20 Mbps to 80 Mbps (constrained by the 100 Mbps port speed).  Now with the gig interfaces, the speed test briefly spikes up to 20 Mbps for a second, then rapidly declines to low single-digit rates, then 9 times out of 10 the speed test fails due to an "error."  The few times it's been successful, the reported rates are 1 - 2 Mbps down and up.  The interface RX (packets received) drops on the inside NIC as reported on the UTM command line (ifconfig -a) are concerning me.  But the switch port it is connected to is successfully negotiating 1000/full and is not reporting any drops on the switch side.  It's ingress to the UTM that seems to be choked.

  • Confirmed, MTU is (and was) 1500.

  • Check network adapters (ifconfig) for errors and check your switch ports' RMON for errors as well.

  • Andy, I just responded to a similar situation here.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
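
The checks suggested in the replies above (interface MTU of 1500, interface errors, RX drops in `ifconfig -a`), as an added example that is not part of the original thread. It assumes the older net-tools `ifconfig` layout (`MTU:1500`, `RX packets:N errors:N dropped:N`); the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag non-1500 MTU, errors and drops in `ifconfig -a` output.
# Assumption: older net-tools layout ("MTU:1500", "RX packets:N errors:N dropped:N").

check_ifconfig() {
    # Reads ifconfig text on stdin and prints one line per finding.
    awk '
    # Return the numeric value of a "key:value" token on the current line, or -1.
    function field(key,   i, kv) {
        for (i = 1; i <= NF; i++) {
            split($i, kv, ":")
            if (kv[1] == key) return kv[2] + 0
        }
        return -1
    }
    /^[^ \t]/ { iface = $1 }            # header line starts a new interface
    iface == "lo" { next }              # loopback has a large MTU by design
    /MTU:/ {
        mtu = field("MTU")
        if (mtu != 1500) printf "%s MTU %d (expected 1500)\n", iface, mtu
    }
    /^[ \t]+(RX|TX) packets:/ {
        dir = $1
        pkts = field("packets"); errs = field("errors"); drop = field("dropped")
        if (errs > 0) printf "%s %s errors %d\n", iface, dir, errs
        if (drop > 0 && pkts > 0)
            printf "%s %s dropped %d of %d packets (%.1f%%)\n",
                   iface, dir, drop, pkts, drop * 100 / pkts
    }'
}

sample_ifconfig() {
    # Constructed sample, not output captured from the poster's UTM.
    cat <<'EOF'
eth0      Link encap:Ethernet  HWaddr 00:00:5E:00:53:01
          UP BROADCAST RUNNING MULTICAST  MTU:576  Metric:1
          RX packets:800000 errors:0 dropped:0 overruns:0 frame:0
          TX packets:750000 errors:0 dropped:0 overruns:0 carrier:0

eth1      Link encap:Ethernet  HWaddr 00:00:5E:00:53:02
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1000000 errors:0 dropped:52000 overruns:0 frame:0
          TX packets:900000 errors:0 dropped:0 overruns:0 carrier:0
EOF
}

# On a live system: ifconfig -a | check_ifconfig
sample_ifconfig | check_ifconfig
```

Running it twice a few seconds apart and comparing the dropped counts shows whether drops are still accumulating or are left over from an earlier event.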