This discussion has been locked.

SG230 Drop in speed between WAN and LAN

Hi all,

I have a SG230. Our WAN is a 1Gbps/1Gbps fibre link and yet running various Speedtests on the LAN from *any* client (workstations or servers) always returns results of 62Mbps/62Mbps fairly consistently.  This in itself is weird as prior to this issue starting a few weeks back, running Speedtest.net always returned a range of results between around 300Mbps to 900Mbps depending on the workstation/server, time of day, and activity on the LAN (and if Venus was in alignment with Mars).

Only subscriptions on the SG230 are:  Base Functionality / Network Protection / Webserver Protection

Things I have checked ...

Laptop directly connected to ISP's NTU shows correct speed (actually around 950~970Mbps, but close enough)

Laptop directly connected to SG230 in place of ethernet cable to LAN (so SG230 disconnected from LAN) shows around 100~120Mbps.

QOS turned off. No change.

IPS turned off. No change.

The only active configurations are 'Firewall' incl 'NAT' and 'Web Application Firewall'.

The SG230 could have a hardware issue but I would like to exhaust all software avenues before pronouncing the UTM9 as faulty.

Suggestions?



  • Hi Adrian and welcome to the UTM Community!

    The fact that connecting the laptop directly to the 230 doubles the speed does indicate some problem with a switch or ??? What if you replace the Ethernet cable between the switch and the UTM and use a different port on the switch?

    I would expect that it would take 3-to-5 simultaneous speedtest.net tests to come close to filling up that pipe. Remember that other inbound traffic on the WAN interface reduces the available bandwidth for speedtest.net to measure.

    I would also check the Intrusion Prevention log to confirm that there's no indication there of things being blocked. See #1 in Rulz (last updated 2021-02-16).

    If you're still having a speed issue after all of the above, I would get Sophos Support involved.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks Bob for your welcome and reply.

    I will swap out the ethernet cable between the 230 and the switch, and also try moving it to another switch, as you suggest and see what happens.

    Noted about the IPS logs.  I'll take a look.  Although, I would have thought disabling IPS (even just as a temporary measure) to see if that had an effect on throughput would tell me something.  I assume flipping the slider on the "Global" tab to Disable would completely turn off IPS, but maybe I need to disable all the functions on the other tabs in IPS (?).  When I did disable IPS the speedtest results were the same (i.e. 62Mbps/62Mbps) so I assumed IPS not to be the bottleneck.

    Thanks for the link to your "Rulz" posting.  In researching this issue this past week I found your post and worked thru it.  I'll take another look and work thru the Rules again in case I missed something.

    I have an old HP ProDesk 400 (i5, SSD, 8GB) on which I have installed the UTM software (9.705.31).  My thought is to first try it in place of the 230 with a "clean" configuration, and then restore the config from the 230 to the HP and see what happens.

    Cheers,

    Adrian

  • Hi Bob,

    Thinking back to your ethernet cable / switch comment, I thought I should try some internal, LAN speed tests.  So I ran a speed test between a workstation and the server using iPerf3 (https://iperf.fr/iperf-download.php)

    Guess what, I measured 62.6Mbps !!   That's the result returned by SpeedTest.net.  It would seem my issue is somewhere on the LAN and not the UTM.  I may have been unfairly blaming the SG230.   

    Work in progress.  I'll report back.

    Thanks again Bob

    Cheers,

    Adrian

  • Hi Bob,

    Reporting back ...

    It was the switch.  I had a switch replaced in my absence a few weeks back.  I ordered an unmanaged switch - they installed a managed switch!  Not being in the office, I didn't physically see what they installed and assumed it was an unmanaged switch as ordered. Once I realized this yesterday, I checked the QOS settings in the switch and sure enough, the network was being limited.  Removed the QOS settings and life returns to normal.  My apologies to the SG230 :-)

    Thanks again Bob, and lessons learnt - things are not always as they first seem.

    Cheers,

    Adrian
