This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Changing Uplink Interfaces from Auto to fixed speed breaks uplinks

Greetings.

I am currently trying to troubleshoot slow web speeds on our clients. We have IPS, Proxy and most other stuff disabled, no QOS activated - however, download speeds from *any* website are 3-5 MB/s tops. Multiple parallel downloads on the same client are possible, each showing the same speed of 3-5 MB/s. Our Lines are 200/200 and 50/10 as Backup.

So I read on the kb and forums about some basic settings to look into, one of them being the Interface Link Speed set under Interfaces, Hardware Tab. We have all set to auto. I tried to set the main uplink to 1000BaseT/Full. Once saved, both uplink interfaces will show "Link: Down, Status: Up". I tried reboot, I tried setting back to Auto, I tried to renew connections. PPPoE Log will show that there is no feedback from the ISP on these interfaces. 1000BT/F should work, as all devices in the chain are able to handle GB speeds.

Now there are two funny observations:

1) No matter what link mode I set the interfaces to, I cannot establish uplinks anymore.

2) I was only able to reestablish uplinks by recovering the config backup I made prior changes.

3) Even with those backups, it took me a couple of tries restoring and rebooting the SG135w. For the first couple of tries, Interfaces were stuck in "Link: Down, Status: Up". Then they were showing both as Down, and finally we went back to normal.

 

Has anyone a test environment available to tryi it? The backup line is using a ZyxelYMG1312 (10/100 Link Speed), and the main line a Genexis Box (1000).



This thread was automatically locked due to age.
Parents
  • Hi Reag,

    do you have download throttling enabled?

     

    Please do not play with interface speeds, use auto negotiation if your external routers use auto, use a fixed value if your routers use fixed values.  mixing auto and fixed usualy doesn't work.

    Yours Lukas

    lna@cema

    SCA (utm+xg), SCSE, SCT

    Sophos Platinum Partner

  • Thank you. As auto is the only working option for us, we won't change it around again.

     

    We do not have throttling enabled, at least if you are referring to the Throttling found in the QOS section.

  • Hi Renag,

    then we'll need to figure out if your lines have a problem or your UTM.

    please login to your UTM via ssh and try to wget a large file from the Internet to check your max bandwith.

    wget -P /var/storage/ speedtest.dal01.softlayer.com/.../test100.zip

     

    since the UTM does not use its own proxies or other security filters with a "naked" wget you'll see the total available bandwith used for this download.

     

    if you see 3 mbits download speed there is a problem with your lines

    if you see larger values (whatever the Webserver is capable of) there is a problem with the utm (configuration or bug)

    your Lukas

    lna@cema

    SCA (utm+xg), SCSE, SCT

    Sophos Platinum Partner

  • Dear Lukas,

    Thank you for that interesting approach. I tried some local speedtest servers and some debian mirrors, and I am indeed stuck at 3 MB/s.

    There are two things that are to note here:

    1) I am wondering both lines come to the same top speed. They are from different providers and different technology, so it should be a rare occurance both top out at the same level.

    2) I had a field technician for the FTTH line at our location a couple of days ago. He did all his checks and from his point of view, everything is OK. We had some speed test performed and the line is diagnosed as 475 down / 225 up where it should be 200/200. Now I am aware that a speed test uses multiple downloads simultaneously. We had a conversation at a kind of buddy level and I am in doubt that he had no interest in fixing things which look broken from my side.

    I will bring a naked Win 7 or 10 laptop in the next couple of days and hook it directly to the FTTH line, so we have measurements that leave Sophos out of the equiation.

    BTW, the backup line is still down since I created the thread yesterday. I will have a couple of reboots tonight and hope it comes back up. I cannot find a way to get it working without restoring config and booting over and over.

  • I restored a config backup a minute ago and both lines instantly became UP again.

    I have a feeling as soon as I open the Interface Tab, even without changing anything, at least one of the lines will be broken again. This is an unpleasent situation as reliability is important for us.

  • And the backup line is down again. LINK shows ERROR, Status is UP. The dashboard shows both lines with same speed now, which is definately not right.

    Another thing I noticed:

    ETH1, 3 and 5 share the same IRQ 17. Is that by design? ETH3 is the FTTH line, the others are unused.

    ETH2 is on IRQ 255 solely, and this is the Backup Line.

    I am not familar with that, I think the last time I handled IRQs was in MSDOS times and IRQs shouldn't be shared at that time.

  • This sounds like the ugly MTU bug that some ISPs have.  If you see a value of 576 on the 'Interfaces' tab, you will want to change that to 1500 or 1480.  Any luck with that?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Does not seem to be MTU related. The line is set to 1476, as recommended by the ISP.

    After trying a few things, it could be a physical problem with the Ethernet line. Sometimes when physically touching the CAT Cable, the Router's Link LED will turn off. So their might be something wrong with the cable or the ETH jack on the router. Going to order a cheap cable tester and see how far that gets me.

    A physical problem could also explain alot of the weird behaviour we had with this line the last couple of weeks.

Reply
  • Does not seem to be MTU related. The line is set to 1476, as recommended by the ISP.

    After trying a few things, it could be a physical problem with the Ethernet line. Sometimes when physically touching the CAT Cable, the Router's Link LED will turn off. So their might be something wrong with the cable or the ETH jack on the router. Going to order a cheap cable tester and see how far that gets me.

    A physical problem could also explain alot of the weird behaviour we had with this line the last couple of weeks.

Children
  • Hi reag,

    I had an iisue withe brand new SG135 in a data centre, which previously has had a Netgear, Draytek & Cisco routers, and also an HP switch, which all connected using auto mode with out issue (1Gb auto-neg setting on the interfaces).

    when I plugged in the SG135 it just would not connect, got me scratching my head a for while, then when I statically set the interface to 1Gb full-duplex, it all came to life.

    -funny thing was that after a week or so we have some fluctuations with speed and minor outages with the connection, after getting the data centre team to look into this issue, it seems that the CAT6 cable being using was burning (literally) out the cable, and said that they had never seen this previously, and stated that it was in the throws of failure and would have given more time.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!