Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 2 subscribers
  • Views 10708 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Slow speeds between interfaces

Astaronator
Hey all,

I have an Astaro configuration that uses the following

8 interfaces
eth0 - Internal (192.168.10.0/24)
eth1 - External (WAN) 
eth2 - DMZ (192.168.25.0/24)
eth3 - Internal 2 (192.168.5.0/24)
eth4 - External (WAN) 2
rest - unused

So everything seems to work well however,

I have a file server on the Internal network at IP 192.168.10.5
When users copy a large file from the Internal network, they receive great gigabit speeds. My speed test utility shows Write: 275.9 Mbps Read: 493.4 Mbps

When users from the Internal 2 network try to send a file to the server it is incredibly slow. Utility shows Write: 80.1 Mbps Read: 333.2 Mbps

Is there a networking rule I'm missing? I mean all the traffic flows fine, its just incredibly slow.

Any help is muchly appreciated.

-Astaronator


This thread was automatically locked due to age.
Parents
  • 0
    Okay so I haven't gotten to the MTU or Duplex testing because I think I found the cause...

    When I said that the Packet Inspection and Firewall aren't a problem, I was referring to a lack of any blocked packets in the log. However, I decided to try shutting down the IPS temporarily and see if it changes anything.

    Result: FULL SPEED!

    Obviously I don't want to leave the IPS off, but I can't seem to find an exclusion rule that works. I've gotten the speed up to 100Mbps, but that is it.

    Here are some that I've tried:
    With all checks selected;
    Intrusion Prevention: Checked
    Portscan: Checked
    TCP SYN Flood: Checked
    UDP Flood: Checked
    ICMP Flood: Checked

    These are the rules I tried:
    Coming from: Internal 2
    ---------------------------
    Coming from: Internal 2 (network) AND Going to: Internal (network)
    ---------------------------
    Coming from: Internal 2 (network) AND going to FileServer
    ---------------------------
    Going to: Internal (network)
    ----------------------------
    Going to: FileServer

    No luck. Any recommendations?

    Thanks again,
    -Nator
Reply
  • 0
    Okay so I haven't gotten to the MTU or Duplex testing because I think I found the cause...

    When I said that the Packet Inspection and Firewall aren't a problem, I was referring to a lack of any blocked packets in the log. However, I decided to try shutting down the IPS temporarily and see if it changes anything.

    Result: FULL SPEED!

    Obviously I don't want to leave the IPS off, but I can't seem to find an exclusion rule that works. I've gotten the speed up to 100Mbps, but that is it.

    Here are some that I've tried:
    With all checks selected;
    Intrusion Prevention: Checked
    Portscan: Checked
    TCP SYN Flood: Checked
    UDP Flood: Checked
    ICMP Flood: Checked

    These are the rules I tried:
    Coming from: Internal 2
    ---------------------------
    Coming from: Internal 2 (network) AND Going to: Internal (network)
    ---------------------------
    Coming from: Internal 2 (network) AND going to FileServer
    ---------------------------
    Going to: Internal (network)
    ----------------------------
    Going to: FileServer

    No luck. Any recommendations?

    Thanks again,
    -Nator
Children
No Data