
My bandwidth decreases significantly when I try to use Sophos XG versus Sophos UTM.

I have both my Sophos UTM and Sophos XG set up as virtual machines on the same host with identical resource allotments (8vCPUs/8GB of RAM). When I'm using the Sophos 9.X UTM everything is fine; I am able to achieve my ISP speeds (50/10) without any trouble. If I cut over to the XG and use that, I see below 10 on both down/up speeds. There doesn't appear to be a difference if I have IPS on or off, web filter on or off.

This is being used on the home license, so I know that there is a limitation on the XG of 4 vCPUs/6GB, but I gave it more just to see what happens, and while I can see the counts within XG, I'm guessing it isn't actually using all of that.

Is there something else I am missing?



  • I am also experiencing this same issue, which is very disheartening considering the features of the XG Firewall. In production, I have Sophos UTM 9.3 with no issues bringing down 60Mbps. I have installed Sophos XG on similar hardware, and it can't even do 3 Mbps with 1 firewall rule, no IPS or app/web filters.

    I figured it could be the mainboard NIC, so I installed two PCI-E Intel® 82574L controllers - same deal. It seems as though Sophos XG is missing a ton of drivers... everything links up at 1000Mbps/Auto/Full-Duplex, but the performance is crud. CPU and memory are fine (though load calcs are confusing...). It is imperative that Sophos XG supports 802.11Q VLANs on Intel® 82574L.

    I have tried changing NAT policies, QoS, DSCP marking, rules with no web/app/malware filters, rules with everything set - makes no difference.

    It is a simple HP Compaq DC7900: (better hardware than the UTM 9.3)
    CPU family Intel Core 2 Duo
    CPU nominal frequency 3.16GHz
    Processor socket LGA 775
    8 GB RAM
    2 x Intel® 82574L PCI-E
    80 GB HDD
    Same problem using mainboard NIC.

    Anyone else having issues? I have not run it in a VM - but if it can't support specific NIC hardware, the VM-allocated on top might experience the same fate. Might be worth changing the type of hardware for the VM NIC.

    Was hoping that a new release of Sophos XG would address these -assumably- driver/hardware issues... but there's no news on when we can expect an update.
  • 8 vCPUs? You might want to test it with fewer cores. If a piece of software does not take advantage of additional cores, you will effectively slow down your VM by adding vCPUs/cores. They all have to be scheduled at the same time, and if the host OS or other VMs need only one(!) core, they will prevent scheduling of all 8 cores at the same time!
    I strongly suggest using 4 vCPUs maximum.
  • The VM might have a significant performance boost. If the host OS has a proper driver, and XG detects this and uses a paravirtualized NIC driver, this might bring the cure for now.

    I just bought a Zotac CI323 and will try the XG firewall on it directly.
    Currently I am running UTM9 in a Hyper-V VM with only 2 vCPUs and easily get 100 MBps with IPS and ATP on (no webfilter though).
  • The original XG VM had 4vCPUs and 6GB of RAM but showed the same symptoms.
  • My current UTM9 VM on the same host has no issues at all with 8vCPUs and 8GB of RAM (could probably scale it back but it's working fine).
  • JohnDoe2, what are the hardware specs of the host running your UTMv9 and XG VMs? Specifically the mainboard and NICs?
    I believe this is simply a hardware compatibility issue with the Sophos XG, similar to my experience.
    I do not have the option of running VMs on top of the HP DC7900 as the chipset does not support virtualization. Sophos XG needs to run on bare metal. I could easily spin up the XG in a VM on another workstation, but that is not my intended solution architecture.

    Is there a published hardware (mainboard/chipset/NIC) list for Sophos XG compatibility?
    I honestly thought that installing the Intel 82574L NICs would solve the issue, as they are one of the most prolific in the industry...
  • I'm using a Supermicro board on the ESXi host (MB: X9SCL-F). Link to the board: www.supermicro.com/.../X9SCL-F.cfm

    The NICs are Intel 82574L Gigabit (LAN) and Intel 82579LM Gigabit (WAN).

    I could set up another box and install this outside my VM environment, but if possible I would like to keep it as a VM.
  • I have Sophos XG set up as a virtual machine with 2 dual-core vCPUs and 4 GB of RAM.

    When I'm using the Wi-Fi directly from the ISP modem, everything is fine. I am able to achieve my ISP speeds (190 down / 16 up), which is what I am paying for: 200 Mbps down / 16 Mbps up.

    If I access the internet using the XG, I see below 10 down and 5 up speeds. I recently installed this, so there are no IP rules and there are just 3 port forward rules for other VMs.

    This is on the home license. What can be happening? I saw another post, but there is no answer about what may be the issue.

    Thanks

    Yoel

  • The secret is to turn off TCP and UDP flood in the IPS tab.

    Ian

  • How do you do this in XG? I am running today at 4 Mbps. It is really slow while I am paying for 200 Mbps.