Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Why has the Latency Increased from <1 ms on LAN when pinging new generation 7 Sonicwall?

adhumphriesadhumphries Newbie ✭
edited August 9 in Entry Level Firewalls

Ping has increased from <1 ms to being all over the place when the TZ370 and TZ470 sonicwalls that we are using. This seems unrealistic when you have a latency dependent application like we do across the Sonicwall world. Just wondering if anyone else has seen this or found a way to resolve?

Category: Entry Level Firewalls
Reply

Answers

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭

    Hi @adhumphries

    Are you facing the latency entire network or particular to any Server while pinging. if you are facing the latency in entire LAN Network, it can be due to the physical cabling, faulty switches or switch loop. Use wireshark to identify if there any broadcast issue in your network.

    I recommend to connect your laptop directly to the Sonicwall and do the test or use any network monitoring tool such as Solarwinds.

    If you have COre Switch and multiple access switches, do the trace rout to gateway IP so it will show from where to where the more latency.

  • OdimasOdimas Newbie ✭

    I'm facing the same problem. I have already installed some devices TZ270, TZ370 and TZ570. The same problem happens in all of them.

  • adhumphriesadhumphries Newbie ✭

    Ajishlal,

    I have this problem only to the sonicwall. Pinging other items in the network are fine. The problem seems to be that the sonicwall returns unexpected ping results that are all over the place 1- multiple ms. This problem only started occurring with the new generation of Sonicwalls as well. The TZ300 TZ400 and before all reply in <1ms.

    Any help is appreciated but all of our TZ370 and TZ470 have this problem.

  • NatNat Newbie

    I think this is design issue, it happens on all gen7 devices.

    If you have latency sensitive application, I think you need to contact sonicwall support.

  • SliderhomeSliderhome Newbie ✭
    edited August 12

    I checked and have the same problem.

    Computer connected directly with a cable.

    TZ300,400 & 500 firmware 6.5.4.8-89n <1ms

    TZ270 & TZ570 firmware 7.0.1-5018 avg 5ms

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭

    Hi @Sliderhome

    Make sure the IPS low priority attacks not enabled on your Firewall. If you enabled, disable that and try.

    Configure it as same as below screen shot.


  • adhumphriesadhumphries Newbie ✭

    Alishlal,

    Even with IPS completely disabled I get swings of latency to my Sonicwall. You can see in this screen shot pinging to my server is consistently below 1MS but to my Sonicwall is all over the place. This is happening on ALL Sonicwall's from the X70 series as I have seen too. Any help is appreciated.


  • SliderhomeSliderhome Newbie ✭

    @Ajishlal


    Tested with the tz270 (factory default) only internet, same result.

  • ArkwrightArkwright Newbie ✭

    This behaviour isn't all that surprising given the general slowness of the Gen7 devices, and I can confirm that the ping times going from Gen6 to Gen7 are a) higher b) much more jittery [see if you can spot where the firewall was replaced]:

    However.....does it actually matter? Ping times through the firewall are exactly the same as before, it's just ping time to the firewall itself that has gone awry.

  • TKWITSTKWITS All-Knowing Sage ✭✭✭✭
    edited August 16

    It's pretty simple. Gen 6s are very mature products (Sonic OS 6.5) running on a very mature OS (VxWorks) and hardware (Cavium/Marvell Octeon MIPS64 CPU). Gen 7s are very immature products (Sonic OS 7.0) running on a very mature OS (Linux) and who knows what hardware(no one has published this info, I suspect ARM64 though). The new mangement interface overhead is not as finely tuned, thus slow pings and UI response.

    I too have seen the 'issue', but as ARKWRIGHT said latency through the device is as expected.

  • NatNat Newbie

    Its still Marvell CPU and its an ARM. (not from vendor but you can easily know if you have a device on hand)

  • BWCBWC Cybersecurity Overlord ✭✭✭

    I don't have a NSa / NSsp at hand, are these units affected as well?

    Shouldn't OFP speeding up the packet flow instead putting some extra latency on it?

    I asked the same a year ago, so at least it's not new, but to be fair I did not put much effort into this for further investigation :)


    --Michael@BWC

  • NatNat Newbie

    Yes, all gen7 are same. So this is purely design issue. But its great that @Arkwright point out it only affects firewall interface itself. Network connections are not affected.

Sign In or Register to comment.