Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 22 replies
  • Subscribers 4 subscribers
  • Views 23916 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM speeds seem to be capped (getting 25mbits instead of 200mbits)

exwhywhyzee
i have Time Warner, and recently, I was offered a free tier upgrade.  I was upgraded to the 200mbits package.  However, the various speed tests would show a peak of about 25mbits.  In speaking to the TWC tech, they thought it might be an issue with the modem, so the sent out a new one.  The problem, unfortunately, was not resolved by replacing the modem.

When I connected my laptop directly to the modem and ran the speed tests, I peaked out at about 215mbits.  The only device between the modem and my internal network is my Sophos UTM box.

I'm running 9.310-11 at the moment, which is running on top of esxi 5.0.
It's on an AMD e350, with 8GB, and dual Intel 1000mbit NICs.

I'm not sure what other information is pertinent, so please ask me, and I'll post it.

Any any all help will be greatly appreciated.


This thread was automatically locked due to age.
Parents
  • 0
    the i-3 will serve you much better..along with 8 gigs of ram.
  • 0 in reply to William Warren

    Sorry to bring back a zombie thread, but it seems very relevant. I recently got gigabit to the home, what specs now would suffice to get IPS to those speeds of possible? I have a g3258 with 16gb available @ 4.5ghz.

    Right now the NSA2400 is capping out at 200/200. I'm vetting solutions and since we are a Sophos partner I figure why not try The home version?

  • 0 in reply to tuannguyen

    Hi, Tuan, and welcome to the UTM Community!

    I also saw your conversation with Jason Lenn in another thread.  The most I've heard of anyone getting with Snort active is a little over 300Mbps per user.  We discussed using ESXi and "stacking" processors to get what Snort might see as a single 8GHz processor.  One of the participants said it couldn't be done, but several others thought it could be - I have no idea!  If you know enough to try that, please let us know if it works.

    Cheers- Bob

Reply
  • 0 in reply to tuannguyen

    Hi, Tuan, and welcome to the UTM Community!

    I also saw your conversation with Jason Lenn in another thread.  The most I've heard of anyone getting with Snort active is a little over 300Mbps per user.  We discussed using ESXi and "stacking" processors to get what Snort might see as a single 8GHz processor.  One of the participants said it couldn't be done, but several others thought it could be - I have no idea!  If you know enough to try that, please let us know if it works.

    Cheers- Bob

Children
  • 0 in reply to BAlfson

    I most definitely am familiar with that type of setup. I'm pretty sure the pool does not aggregate the CPU speed between cores in a hypervisor such as ESXi. That'd be cool for things like SQL, but it doesn't really work that way from what I've seen.

    I just sold off the ESXi box last week and am looking for a replacement. We'll see.

    Now, what does the XG firewall use in place of Snort? I understand it doesn't have the limitations of SG/UTM. 

    While I want a single user gig throughput, I'm okay with multiple users getting full bandwidth as a total if that's the most probable option. Is it really done per user, or per data stream? For example if I'm torrenting, would it use multiple threads and give a single PC full throughput?