
5% upload speed on Sophos UTM

First off let me say I know this has been a frequent question posted here regarding slow upload speeds on the UTM.  I have been a UTM user for well over a decade probably closer to 15 years.  I may not be a Bob expert but I know my way around the software. 

I recently got an ATT symmetric 1GB fiber line and plugged it up to my UTM VM.  At first, performance was normal and expected.  I was getting close enough to max throughput with the understanding that I would be getting less because it was running in a VM on older hardware.  All fine.  Then one day, and I honestly don't know when, upload performance just took a nose dive.  I would get 3-5Mbps on uploads.  Sometimes spiking to 7%.  

I did all the normal things, turned off IDS, turned off web filtering, confirmed 1500 MTU on all NICs, you name it.  I have a small Ubiquiti FW as a backup and it was able to get full 1Gb from all my VMs and my physical boxes, so I know my internal network is fine and can handle it.  I even built not 1 but 2 brand new UTMs.  One I did a restore of a config and another I did unconfigured, no settings.  The performance of all these UTMs is the same 5Mbps upload.  Download speeds are fine and close to theoretical maximums.  I am at a complete loss.  I do NOT want to migrate my services to Ubiquiti.  I want to keep using the UTM. What else can I do?  There are no IDS or filtering logs to check since all of that is disabled.  Is this an ATT thing?  Is there some special setting I need to make on the ATT FW or UTM interface setting I need to make to get this to work?  It doesn't have to be perfect, but symmetrical upload is all I want.



  • If it ends up being something in the virtual stack that I cannot remediate, since this is a Home license and I want to have full gig both ways, what hardware device would you guys recommend?

  • Out of curiosity, have you tried installing the UTM on the bare hard drives? Also, Intel NICs are preferred over the others. You said the Dell server has Broadcom. Not sure if that is causing the issue. Since you were able to get the full 1Gbps on the Ubiquiti firewalls VM on the same hardware, it seems everything is fine on your ISP's end.

    Check firewall logs while you do speed tests on different sites. Is anything being blocked? I also had a thought that your upload speed is so fast it's triggering the TCP SYN/UDP flood alerts of the IPS. LOL. But you said it was disabled.

  • Alan, meant to comment on this earlier. I've had good results with i211/i219 and some other Intel gigabit adapters.

    Several boards purchased in the last year came with the i225-v.  This adapter has had 3 hardware revisions and is still a POS in my opinion. Even with a rev3, I've had issues with it showing cable disconnected (while connected).  Any manipulation of the adapter (disable/enable) causes mass system instability to the point where a full power disconnect is needed - reset/power button does not work.

    Granted, this is under Windows, not sure if Linux is any better. There are numerous posts about this on Intel's forum as well as Reddit.  It's bad enough that if I need/want onboard Ethernet, I will pass on any board that comes with it.  The rtl8125, on the other hand, has worked flawlessly for me in both Windows and Linux. The other option is to disable the NIC in BIOS and install a PCIe NIC. This may be a good alternative if you want quad-port NIC capability. Otherwise it wastes a slot.

    My Proxmox box has an i211 (pass through to UTM), and the rtl8125 (used as a vNIC). This has been in operation since May 2021.

    Hate to say it, but today I prefer an RTL NIC over Intel given the above.

  • I haven't done UTM on a physical box yet.  I think that is the next step after I make some virtual stack changes like swapping cables with the physical Unifi FW and dropping MTU on the switch and the ESXi port groups down to 1500.  It really does feel like an MTU thing.