Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Replies 23 replies
  • Subscribers 40 subscribers
  • Views 906 views
  • Users 0 members are here
Options
Suggested

Can't reach full 10Gb when crossing VLAN ?

Nabil R1

Hi all,

I'm using Sophos XG Home with dual SFP+ ports that can theoretically reach 10Gb. I have 3 machines with these.

If I perform iPerf3 from Machine X to Machine Y, I get the full 10G when they are on the same VLAN.

If they are not, then the speed drops quite a bit (2.5 Gb ish, sometimes 1Gb).

IPS/DOS are turned off, and when I look at the performance graph, it doesn't look like the CPU is maxed out.

Note, Sophos is running on a VM in Proxmox.

Thanks



Added TAGs
[edited by: Erick Jan at 12:19 AM (GMT -8) on 16 Dec 2024]
Parents Reply Children
  • 0 in reply to Nabil R1

    I'd not expect any firewall to be capable of getting interface speed for traffic that passed through the device.

    But what's the "Supported link modes" from the output of ethtool -i PortA

  • 0 in reply to LHerzog

    Is that the correct command ?

    ethtool -i PortB shows doesnt show "Supported Link Modes", but ethool PortB shows "Not Reported"

    ethool PortB :

    ethtool PortB
    Settings for PortB:
            Supported ports: [ ]
            Supported link modes:   Not reported
            Supported pause frame use: No
            Supports auto-negotiation: No
            Supported FEC modes: Not reported
            Advertised link modes:  Not reported
            Advertised pause frame use: No
            Advertised auto-negotiation: No
            Advertised FEC modes: Not reported
            Speed: Unknown!
            Duplex: Unknown! (255)
            Port: Other
            PHYAD: 0
            Transceiver: internal
            Auto-negotiation: off
            Link detected: yes

    ethtool -i PortB :

    driver: virtio_net_nm
    version: 1.0.0
    firmware-version:
    expansion-rom-version:
    bus-info: 0000:00:13.0
    supports-statistics: no
    supports-test: no
    supports-eeprom-access: no
    supports-register-dump: no
    supports-priv-flags: no

  • 0 in reply to Nabil R1

    You find some thought about this here: https://forum.proxmox.com/threads/network-speed-limited-on-vm.81347/ 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Mixed results. The speed of the interface is known now but capped to 1G (lower than before).
    Also, 10G doesnt seem to show up in the available Link Speed.

    Settings for PortB:
            Supported ports: [ TP ]
            Supported link modes:   10baseT/Half 10baseT/Full
                                    100baseT/Half 100baseT/Full
                                    1000baseT/Full
            Supported pause frame use: No
            Supports auto-negotiation: Yes
            Supported FEC modes: Not reported
            Advertised link modes:  10baseT/Half 10baseT/Full
                                    100baseT/Half 100baseT/Full
                                    1000baseT/Full
            Advertised pause frame use: No
            Advertised auto-negotiation: Yes
            Advertised FEC modes: Not reported
            Speed: 1000Mb/s
            Duplex: Full
            Port: Twisted Pair
            PHYAD: 0
            Transceiver: internal
            Auto-negotiation: on
            MDI-X: off (auto)
            Supports Wake-on: umbg
            Wake-on: d
            Current message level: 0x00000007 (7)
                                   drv probe link
            Link detected: yes

Unfiltered HTML