
5% upload speed on Sophos UTM

First off let me say I know this has been a frequent question posted here regarding slow upload speeds on the UTM.  I have been a UTM user for well over a decade probably closer to 15 years.  I may not be a Bob expert but I know my way around the software. 

I recently got an ATT symmetric 1GB fiber line and plugged it up to my UTM VM.  At first, performance was normal and expected.  I was getting close enough to max throughput with the understanding that I would be getting less because it was running in a VM on older hardware.  All fine.  Then one day, and I honestly don't know when, upload performance just took a nose dive.  I would get 3-5Mbps on uploads.  Sometimes spiking to 7%.  

I did all the normal things, turned off IDS, turned off web filtering, confirmed 1500 MTU on all NICs, you name it.  I have a small Ubiquiti FW as a backup and it was able to get full 1Gb from all my VMs and my physical boxes, so I know my internal network is fine and can handle it.  I even built not 1 but 2 brand new UTMs.  One I did a restore of a config and another I did unconfigured, no settings.  The performance of all these UTMs is the same 5Mbps upload.  Download speeds are fine and close to theoretical maximums.  I am at a complete loss.  I do NOT want to migrate my services to Ubiquiti.  I want to keep using the UTM. What else can I do?  There are no IDS or filtering logs to check since all of that is disabled.  Is this an ATT thing?  Is there some special setting I need to make on the ATT FW or UTM interface setting I need to make to get this to work?  It doesn't have to be perfect, but symmetrical upload is all I want.  



  • So not sure I can do that.  Before the ATT box is the actual fiber itself.  The ATT box is a media converter.  The fiber comes from the curb and goes directly into the ATT device which has multiple RJ45 ports on the back. One goes to a physical FW and one goes to a port on my core switch.  

  • I haven't tried the following with a VM, so be sure to get a good backup of your VM before you try changing from the command line.

    1. Find the fastest speed&duplex that you can set fixed in the AT&T device and set that there.  The below assumes that's 1 Gb full duplex 

    2. As root, get the REF_ of the hardware:

        cc get_object_by_name itfhw ethernet 'eth1 VMWare VMXNET3 Ethernet Controller'| grep \'ref

    3. Assuming that returns REF_ItfEthEth1VmwarVmxne, disable Auto negotiation with:

        cc change_object REF_ItfEthEth1VmwarVmxne auto_negotiation_status 0

    4. Change the speed to 1 Gb:

        cc change_object REF_ItfEthEth1VmwarVmxne speed 1000

    Did that work?  Did it solve the speed problem?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Sounds like you got the new setup - bgw320. There are ways of bypassing that too but more complicated.  Dslreports has a lengthy thread on the topic - https://www.dslreports.com/forum/r33442912-AT-T-Fiber-Bye-bye-802-1x-you-will-not-be-missed .

    Only a single device behind the ATT gateway/media converter can get the public IP.  Are you subscribed to multiple static IPs?

  • Firstly, apologies to everyone that I left hanging.  I was out of state for 2+ weeks and didn't want to make any changes to the setup for fear of borking the whole thing, which has happened on occasion.  

    @Jay Jay was on the right track with thinking it was on the ATT hardware side.  As mentioned, I have a physical FW appliance and a virtual UTM.  The ATT all in one modem, media converter, and switch, has 4 1GB ports and 1 5GB port.  The 5GB port was connected to the physical FW appliance and the 1GB port was connected to the virtual infrastructure.  I swapped ports and everything began working as expected.  I am getting full throughput on the virtual and full gig on the physical.  I have no idea why.  Either the ATT modem does some funky MTU on the various ports or the core switch as part of my virtual infrastructure is going bad.  Either way, not a Sophos UTM issue at all.  

    Thanks to everyone who messaged me on this.  Such a great, intelligent community. Here's hoping the UTM sticks around for years to come.  

  • Glad you got it sorted but I'm still confused.

    What purpose is UTM serving if you have a fw (firewall?) appliance?

  • One for the business network and one for the home.  

  • I see.  I asked about static IPs earlier but didn't get a reply.  Are you subscribed to static IP service?  Trying to get a better understanding of your network topology.