Hi,
I'm facing a strange issue that I am not sure how to debug/improve. I'm using a virtualized Sophos XG on a proxmox server. WAN is connected to a 2.5Gb capable ethernet, but ISP provides only 1Gb symetrical.
What I see is :
- iPerf3 with UDP is yielding 1Gbps download speed (which I'm happy with obviously)
- iPerf3 TCP yield only 200Mbps
I have done the following for now (if only to test):
- Deactivate IPS and DoS/Spoof protection
- Set the WAN speed in my Traffic Shaping Setting to the correct 1Gbps
- Double checked MTU are all at 1500 which is what is expected by my ISP
- Check CPU usage, it never goes above 10%. Memory caps at around 50%.
My testing nodes are all in a VLAN that has 1 single Firewall rule : ALLOW ALL. This rule is number 2 on the list, and I run around 40 rules.
Is there anything else I can do to test this/debug this ?
Note i have observed a significant amount of Invalid Traffic in my log. I have read other posts suggesting to disable the logging but just bringing that up in case it is relevant her.
Added TAGs
[edited by: Raphael Alganes at 8:50 AM (GMT -7) on 24 Jun 2024]
