This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Extreme lag locally

I have had the UTM as a VM on my servers for a few years now with out any issue. Recently I have been having issues with lag. Not just to the internet itself. The local cable modem and subnets. 

The only thing I have changed recently is moving to OSPF so my layer 3 hp switch can do the routing on most the local stuff. I've ruled out my switch though since all pings are 1 ms. VMs on the UTMs subnets also have the same ping times. 

I've been turning various things off, CPU is minimal, so I am not sure what to check but any direction would be appreciated.

Thank you

Reply from 192.168.100.1: bytes=32 time=1ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time=1ms TTL=62
Reply from 192.168.100.1: bytes=32 time=1ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time=2ms TTL=62
Reply from 192.168.100.1: bytes=32 time=1ms TTL=62
Reply from 192.168.100.1: bytes=32 time=54ms TTL=62
Reply from 192.168.100.1: bytes=32 time=246ms TTL=62
Reply from 192.168.100.1: bytes=32 time=901ms TTL=62
Reply from 192.168.100.1: bytes=32 time=16ms TTL=62
Reply from 192.168.100.1: bytes=32 time=9ms TTL=62
Reply from 192.168.100.1: bytes=32 time=1390ms TTL=62
Reply from 192.168.100.1: bytes=32 time=1ms TTL=62
Reply from 192.168.100.1: bytes=32 time=2ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time=1ms TTL=62
Reply from 192.168.100.1: bytes=32 time=271ms TTL=62
Reply from 192.168.100.1: bytes=32 time=104ms TTL=62
Reply from 192.168.100.1: bytes=32 time=418ms TTL=62
Reply from 192.168.100.1: bytes=32 time=1058ms TTL=62
Reply from 192.168.100.1: bytes=32 time=249ms TTL=62
Reply from 192.168.100.1: bytes=32 time=404ms TTL=62
Reply from 192.168.100.1: bytes=32 time=69ms TTL=62
Reply from 192.168.100.1: bytes=32 time<1ms TTL=62
Reply from 192.168.100.1: bytes=32 time=39ms TTL=62
Reply from 192.168.100.1: bytes=32 time=39ms TTL=62



This thread was automatically locked due to age.
Parents
  • What happens when you disable OSPF on the UTM? Is the lag still present?

    If yes, there must be another problem ("Oh really?!"). Have you checked the log files of the UTM for any hints? Do you checked the CPU utilization on the WebAdmin interface or shell? WebAdmin is not realtime, I prefer shell for this.

    If no, could this be a flapping route or something like this? Have you tried to ping from your cable modem to the Internet and LAN? Is there also a delay?

  • I haven't tried disabling OSPF - I need net to work but I will try and find a time to disable and watch vms from console to see if issue remains or not.

    CPU utilization was from WebGUI however i logged in and ran top to watch. When it was lagging I did not see any cpu issue. Highest it got was 14%

    I don't have a way to ping from cable modem. But I have been pinging VMs that are controlled by route on my switch and the ESXI host with no issue. I have VMs pinging each other and the router on the vlans the UTM controls and I see delays to and from the UTM and Cable modem. These are all on the same vswitch which would rule out the HP switch I have. 

    I have VMs on the same subnet as the router that can get a spike in ping to it, no routing. It happens even if there isn't a lot of traffic. Have not found a way to reproduce it on the fly. Will try and look into logs more when it happens.

Reply
  • I haven't tried disabling OSPF - I need net to work but I will try and find a time to disable and watch vms from console to see if issue remains or not.

    CPU utilization was from WebGUI however i logged in and ran top to watch. When it was lagging I did not see any cpu issue. Highest it got was 14%

    I don't have a way to ping from cable modem. But I have been pinging VMs that are controlled by route on my switch and the ESXI host with no issue. I have VMs pinging each other and the router on the vlans the UTM controls and I see delays to and from the UTM and Cable modem. These are all on the same vswitch which would rule out the HP switch I have. 

    I have VMs on the same subnet as the router that can get a spike in ping to it, no routing. It happens even if there isn't a lot of traffic. Have not found a way to reproduce it on the fly. Will try and look into logs more when it happens.

Children
  • Try #7 in Rulz, Jasin.  Any luck with that?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Bob, 

    Thanks for the reply. I do not have slow input. QOS is turned off (did have it on to limit max upload on internet but not needed for now). This isn't a constant issue but I did check switch ports for errors/changing ports. It is just  every now and then. For now it seems to be related to when the updates are applied. Every time it jumps the only thing I see in the log for the times is the updates. I changed it to hourly instead of 15 for the patterns and every 4 hours for the firmware. 

    Not sure what I can change for the update part. CPU doesn't seem to max out at the time. 

  • Please insert pics of the CPU & Memory charts from your daily reports before and after this change.  What device are you using?  How much RAM does it have?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA