
Increase in Ping when running speed test

I have been testing out my Sophos XG firewall v16. I have also run this test with other software firewalls like Untangle and Sophos UTM just to make sure it was not anything else.

I ping Google DNS continuously. Then I run a speedtest using http://www.speedtest.net/. When the test starts to run I notice the pings increasing as shown below. This only happens to Sophos XG. Does not happen to UTM version or any other software. I have tried to disable everything on Sophos XG. No IPS, no Antivirus or Web filtering. Oh, this also happens at two different locations. One is Sophos XG installed to HP Server. The other is Sophos XG installed to vmware esxi.

Does anyone have any ideas? It seems to me that under heavy bandwidth (115mbps) the Sophos XG starts to slow down. Sometimes the pings will reach 500-600ms.

Reply from 8.8.8.8: bytes=32 time=7ms TTL=58
Reply from 8.8.8.8: bytes=32 time=10ms TTL=58
Reply from 8.8.8.8: bytes=32 time=7ms TTL=58
Reply from 8.8.8.8: bytes=32 time=8ms TTL=58
Reply from 8.8.8.8: bytes=32 time=7ms TTL=58
Reply from 8.8.8.8: bytes=32 time=9ms TTL=58
Reply from 8.8.8.8: bytes=32 time=8ms TTL=58
Reply from 8.8.8.8: bytes=32 time=7ms TTL=58
Reply from 8.8.8.8: bytes=32 time=8ms TTL=58
Reply from 8.8.8.8: bytes=32 time=76ms TTL=58
Reply from 8.8.8.8: bytes=32 time=173ms TTL=58
Reply from 8.8.8.8: bytes=32 time=204ms TTL=58
Reply from 8.8.8.8: bytes=32 time=224ms TTL=58
Reply from 8.8.8.8: bytes=32 time=250ms TTL=58
Reply from 8.8.8.8: bytes=32 time=295ms TTL=58
Reply from 8.8.8.8: bytes=32 time=270ms TTL=58
Reply from 8.8.8.8: bytes=32 time=308ms TTL=58
Reply from 8.8.8.8: bytes=32 time=322ms TTL=58
Reply from 8.8.8.8: bytes=32 time=318ms TTL=58
Reply from 8.8.8.8: bytes=32 time=312ms TTL=58
Reply from 8.8.8.8: bytes=32 time=283ms TTL=58
Reply from 8.8.8.8: bytes=32 time=323ms TTL=58
Reply from 8.8.8.8: bytes=32 time=304ms TTL=58
Reply from 8.8.8.8: bytes=32 time=306ms TTL=58
Reply from 8.8.8.8: bytes=32 time=116ms TTL=58
Reply from 8.8.8.8: bytes=32 time=8ms TTL=58
Reply from 8.8.8.8: bytes=32 time=7ms TTL=58
Reply from 8.8.8.8: bytes=32 time=7ms TTL=58
Reply from 8.8.8.8: bytes=32 time=8ms TTL=58



  • Hi

    Did you apply the QoS policy on the rule when you conducted the speed test? That would mean that the XG would regulate the traffic and other internet traffic would be affected. Would you also provide us the snaps of the following:

    Firewall rule the traffic is traversing through

    Speed test results

    Ping test results

    and System Graph during the test for WAN and LAN ports.

    Thanks and Regards

    Aditya Patel

  • QOS disabled is how I can recreate the ping increases. If I turn on QOS it will regulate the bandwidth so that it's not at full load so the pings will be normal.

  • Attached is speedtest,  ping,  system graphs.

     

  • deputycag,

    I tried the test with both QoS Applied and not, the result with QoS (of course) is a little bit better because XG is able to handle the connection and "ensure" the traffic for that connection.

    What are your HW resources?

    Also Anti-virus is enabled (I forgot to mention it previously)

    Have a look at how CPU and Memory are used during the test using the "top -d 1" command from the shell

  • HP Server on one end.  Xeon E3-1230 v3 3.3ghz,  8gb ram and Samsung 840 evo SSD

    Vmware ESXI on other end,  Dual Xeon,  6gb ram.   This one is in a Virtual Machine.

    Both sides get around 115mbps,  One is FIOS and other Optimum online

    Both sides I can replicate same.  Tried to do fresh install on both sides also.  

    How do I run top-d1 command from shell?

  • Connect to XG using an SSH client and then type 5 > 3 and you are into Advanced Shell

    The command is "top -d 1" without quotes.

  • High CPU with Snort.  

     

     

    Snort Service Stopped and IPS off.   Still High pings during test

  • Can you post the firewall policy that you are using for the test?

    EDIT: Also, can you ping another vm inside of your network instead of google to see if it is XG or your WAN link is choking? If it is just your WAN link then without QoS that is what I would expect...

  • Hi deputycag, 

    Could you set the settings on System Services > Traffic Shaping Settings 

    Here, if you have 100 Mbps = 102400 Kbps; 102400 – 10% = 92160 Kbps; 92160/8 = 11520 KBps (or Kilo Bytes per second).

    Check with these settings and conduct the same test again 

    Thanks and Regards

    Aditya Patel | Network and Security Engineer.

  • Hi Aditya, he is trying to test without QoS on a WAN link that is limited to 100mb??? I think. Without QoS the higher pings are to be expected. I think the OP is wondering why he doesn't have the same behavior of high ping times without QoS enabled when using other products like UTM or alike? I am not sure if UTM does any kind of ack/icmp prioritizing without enabling QoS. 

    Regards
    Bill
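
To put numbers on the latency rise discussed in this thread, the following added example (not part of any post here) parses Windows ping output in the format shown above and reports each sustained high-latency window against the idle baseline. The sample input is constructed, and the `factor` and `min_len` thresholds are assumptions to tune for your own link.

```python
import re
from statistics import median

# Windows ping reply lines, in the format posted in this thread.
REPLY = re.compile(r"Reply from \S+: bytes=\d+ time[=<](\d+)ms TTL=\d+")

# Constructed sample (not the poster's capture): idle, loaded, idle again.
SAMPLE = "\n".join(
    f"Reply from 8.8.8.8: bytes=32 time={t}ms TTL=58"
    for t in (7, 8, 7, 9, 76, 173, 204, 250, 308, 116, 8, 7)
)

def parse_rtts(text):
    """Return the round-trip times (ms) in the order they appear."""
    return [int(m.group(1)) for m in REPLY.finditer(text)]

def loaded_windows(rtts, factor=5, min_len=3):
    """Return (baseline_ms, windows) for runs of elevated latency.

    The baseline is the median of the lowest quarter of samples, so a
    long loaded period does not pull the baseline upward. A window is
    min_len or more consecutive samples above factor * baseline
    (both thresholds are assumptions, not values from the thread).
    """
    if not rtts:
        return 0, []
    baseline = median(sorted(rtts)[: max(1, len(rtts) // 4)])
    threshold = baseline * factor
    windows, start = [], None
    for i, rtt in enumerate(rtts + [0]):  # sentinel closes a trailing run
        if rtt > threshold and start is None:
            start = i
        elif rtt <= threshold and start is not None:
            if i - start >= min_len:
                run = rtts[start:i]
                windows.append({"start": start, "end": i - 1,
                                "peak_ms": max(run),
                                "median_ms": median(run)})
            start = None
    return baseline, windows

if __name__ == "__main__":
    base, wins = loaded_windows(parse_rtts(SAMPLE))
    print(f"idle baseline: {base} ms")
    for w in wins:
        print(f"samples {w['start']}-{w['end']}: peak {w['peak_ms']} ms, "
              f"median {w['median_ms']} ms")
```

Running it on captures taken at the same time against an internal host and an external host shows whether the elevated window appears on the LAN side as well or only across the WAN link.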