Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 13 replies
  • Answers 3 answers
  • Subscribers 28 subscribers
  • Views 960 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Red SD-60 Poor lan speeds one way

Kent_166

Hi all,

I've added a new RED SD-60 to our network details below. Standard/unified setup.

SD-RED 60 10.90.21.0/24

Connection throughput 100/100 fibre.

XGS2300 192.168.100.0/24

Connection throughput 1000/1000 fibre.

When connecting the SD-RED 60 we get full speed from the internet/speed tests without issues. But when we do local file trasnfer from the XGS2300 range we get max 1mb/s nothing more, lodged ticket with sophos and spent many hours with no result yet, any one have some ideas?

I'm aware of the speed limitations of the Red devices, but we should be getting more than 1mb from lan traffic. 

Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    Response from Sophos - I have reviewed the logs and the only thing suspicious is the TCP Out Of Order captured on Wireshark. I have checked Wireshark Q&A, and that error probably indicates there are multiple paths between source and destination - and one travels a through a longer path. It means TCP has slightly more work to reassemble segments in the correct order. I have checked raw tcpdump and not seeing any other path the traffic is traversing.

    Not sure where to go from here. will wait for an update, ETA is march 2nd.

  • 0 in reply to Kent_166

    Maybe it's fragmentation happening here. Try to lower MTU size on the links.

    This would explain to me that the packets coming out of order.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to jprusch

    Hi Philipp, just on the red side? - any recommendation on what to lower it to?

    Kent.

Reply Children
  • 0 in reply to Kent_166

    Hi Kent,

    it is not that easy, but I try: in principle every component along the route can cause your bottleneck with an MTU size being too small.

    You could start with the tunnel definition for the RED. But you should then reduce the MTU of the clients behind that tunnel as well.

    We had a customer with Telekom DSL and RED, some homeoffices ran without any problems, other sites had to be reduced to 1280 bytes at the RED tunnel definition. It depends from site to site for him.

    For Windows-Clients, we have a script to set the MTU, that I could send you.

    You could start with 1280 and then try to get to higher numbers.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to jprusch

    Hi Philipp, i've changed both the RED to 1280 and the workstation testing MTU to 1280, no change, also tried lower but still no change, Sophos was on the line today with still no fix, they were concerned regarding the "TCP segment of a reassembled PDU" message from with Wireshark.

Unfiltered HTML