Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Subscribers 28 subscribers
  • Views 2283 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Dramatically lower speed tests with SSL/TLS disabled

JasP

Just got 1000/100 Mbps internet installed and have been testing speeds, mostly using speedtest.net. Nothing serious, just wanted to get an idea of how the XG would hold up.

Was getting about 700 Mbps down (XG 230 50% CPU) and decided to see if I could get a full 1000 Mbps by disabling SSL/TLS scanning. I was rather confounded to see the speed drop to 200 Mbps. It made no difference if I globally turned SSL/TLS off or had an exemption rule.

I tried it again with an XG 430 and while not so dramatic, there was still a drop in speed (from about 800 to 600).

Can anybody explain what could be happening here as it is the opposite of what I would expect?



This thread was automatically locked due to age.
Parents
  • 0

    I've just repeated this all with an additional speed test site and the XG 430. All these tests done with Firefox as that is what I use by default and it gets the highest speeds. In the previous tests I also tried it with Chrome and the new edge but the end result was the same, slower speeds with SSL/TLS disabled.

    speedtest.net, SSL/TLS enabled 820 Mbps
    bredbånd.dk/hastighedstest SSL/TLS enabled 900 Mbps

    speedtest.net, SSL/TLS disabled 600 Mbps
    bredbånd.dk/hastighedstest SSL/TLS disabled 610 Mbps

    Both XGs are running 18.0.3 MR-3

  • 0 in reply to JasP

    Just to be sure, you have less speed, if you disable TLS/DPI? 

Reply Children
  • 0 in reply to LuCar Toni

    Correct. I know, it makes no sense!

  • 0 in reply to JasP

    Could be related to certain techniques, which XG uses to ensure, the speedtest is running smoothly. 

    Try to verify, as i posted in the other thread, things like download and upload tests.

    https://www.speedtestx.de/ 

  • 0 in reply to LuCar Toni

    I tried the site you recommended and got about 240 Mbps with SSL/TLS disabled and only 30 Mbps with it enabled. Checking the logs I was getting multiple Dropped due to TLS engine error: FLOW_TIMEOUT[5] errors for that site so maybe that is why the download speed was so poor.

    Tried downloading a large Centos 8GB ISO and got 400 Mbps whether SSL/TLS was enabled or disabled.

    All just goes to show how difficult it is to get any meaningful info using third party sites, every one just shows something different. It would be nice to have another site on the same ISP that I could run tests between but I don't have one.