Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 31 subscribers
  • Views 11058 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG reduced bandwith after time

Mathias Mühlbacher

Hello everyone,

I am using Sophos XG home version (17.0.6 MR-6) and having a strange behaviour of my WAN.

I am having a 250/25 mbit line at my local ISP which is working fine in general.

 

In general when running a bandwith test I get 230-240 Mbit down + 25 Mbit up - as expected.

But after a couple of hours/days my bandwith is reduced. The results varies from something below 1 Mbit and up to maximum bandwith.

I have contacted the support of my ISP and they told me that everything is fine. In addition to that I have also plugged a device direct to the WAN cable and got the full bandwith.

 

From my point of view my XG is slowing my bandwith down.

 

To resolve the issue I usually need to shutdown the firewall, power off the cable modem and restart both. Then I get my ordinary bandwith back.

 

To be honest: I do not have any glue why this is happening!?

 

In addition to that my XG also stops routing for some seconds. Meaning that I am not able to query any of my VLAN subnets.

So far I found nothing at the log files.

 

 

Does anyone has an idea how to start trouble shooting on that dilemma?

 

Regards,

Mathias



This thread was automatically locked due to age.
Parents
  • 0

    Hi Mathias,

    Sorry to hear about these issues you have been experiencing.

    For background information, how is your XG home firewall deployed? What does the resource usage of the XG look like when these strange issues occur?

  • 0 in reply to FloSupport

    Okay so I get now 150 Mbit instead of 250 Mbit down - upload is still 25 Mbit.

    The resource usage is very low: 2 % CPU, 19 % RAM, 22 sessions

  • 0 in reply to Mathias Mühlbacher

    Hi Mathias,

    check the modem network setting and see if it will run auto or at least 1000mb/s full duplex, sounds like the modem is the weak point.

    Then check you IPS settings, disable the one with lots of hits, you can fine tune the IPS and build your own rule when you have identified the issue.

    Ian

  • 0 in reply to rfcat_vk

    Hello,

    You may run the command on console to check if there is any error on the interface that may have caused duu to negotiation issue.

    console > sh net interfaces

    Also for live error check you may go to 

    console > system diagnostics utilities bandwidth-monitor

    and enter 'u' twice

    You should get this table and ideally should be 0

    Bandwidth Monitor, (Sampling at every 0.500s), press 'h' for help

      -         iface                   Rx                   Tx                Total
      ==============================================================================
                Port4:            0.00 E/s             0.00 E/s             0.00 E/s
            Port3.502:            0.00 E/s             0.00 E/s             0.00 E/s
                Port1:            0.00 E/s             0.00 E/s             0.00 E/s
            Port2.503:            0.00 E/s             0.00 E/s             0.00 E/s
              GuestAP:            0.00 E/s             0.00 E/s             0.00 E/s
                Port3:            0.00 E/s             0.00 E/s             0.00 E/s
               vxlan2:            0.00 E/s             0.00 E/s             0.00 E/s
                reds1:            0.00 E/s             0.00 E/s             0.00 E/s
               wlnet1:            0.00 E/s             0.00 E/s             0.00 E/s
           vxlan2.101:            0.00 E/s             0.00 E/s             0.00 E/s
                   lo:            0.00 E/s             0.00 E/s             0.00 E/s
               ipsec0:            0.00 E/s             0.00 E/s             0.00 E/s
                 tun0:            0.00 E/s             0.00 E/s             0.00 E/s
                Port2:            0.00 E/s             0.00 E/s             0.00 E/s
                 imq0:            0.00 E/s             0.00 E/s             0.00 E/s
      ------------------------------------------------------------------------------
                total:            0.00 E/s             0.00 E/s             0.00 E/s

  • 0 in reply to Aditya Patel

    Hello everyone,

     

    thanks for your suggestions!

    I have done the above mentioned steps to see if there are any errors - no there aren't any errors. Either via "sh net interfaces" nor via "system diagnostics utilities bandwidth-monitor" commands.

     

    Regarding point of failure = modem: I don't think that it is the modem. Beside that I am not able to check any settings as it is property of the ISP.

    Another reason why (from my perspective) the modem is not guilty is that my VLAN routing is not working from time to time as well.

    Devices are up and running properly (all VMs).

     

    Mathias

  • +1 in reply to Mathias Mühlbacher

    Hi Mathias,

    You may try to run this command and check if this would improve the performance.

    Console  >system firewall-acceleration disable

     

  • 0 in reply to Aditya Patel

    Is there any impact after disabling it? What exactly firewall acceleration do?

Reply Children
No Data