TZ370 Poor WAN throughput and packet loss after time
Hi
A few weeks ago we replaced the FW in our branch office with a TZ370. Since then, we have been measuring considerable losses in WAN throughput and a noticeable number of packet losses.
However, this behavior only occurs after several hours of operation. A reboot of the Sonicwall solves the problem comprehensibly for another ~ 12 hours.
The MTU size on the WAN interface has been checked and corresponds to the standard value of 1500 bytes with the specifications of the ISP.
In addition, all points from the corresponding KB article were checked:
WAN throughput after ~ 1 day of operation
WAN throughput right after SonicWall reboot
There is nothing in the system logs that indicates a problem. A reboot solves the problem reliably, even if only temporarily.
Firmware: SonicOS 7.0.1-5018
I ask for advice on how this problem can be solved. Thanks!
Regards
Marcel
Answers
Are you running any security services? If so, try disabling them and see if it stabilizes.
Services like Anti-Virus, Anti-Spyware IDS, Botnet-Filter, DPI-SSL, DPI-SSH, etc. are all disabled.
There is no excessive CPU load on the device. There are 2 active users on the LAN. The device should be in idle mode most of the time.
You are showing that those services are not enabled on a single zone, not on the firewall. I'm guessing they are disabled globally too though.
Reset to factory defaults and re-create the config (don't import an old config).
Open a ticket with support.
Hi @MarcelK
Try to downgrade your firewall Firmware and do the test.
I am using SonicOS 7.0.0-R906. I am not facing any such issues on this firmware.
The security services are not even licensed on this device.
I received the device with firmware 7.0.0-R906 and then upgraded to 7.0.1-5018 due to these issues.
I will do a factory reset again. If this does not help, I will create a ticket with support.
Thanks for these tips.
MarcelK, have you resolved the issue? How?
Unfortunately not. Meanwhile I tried different firmware releases. The latest from September (7.0.1-5023-R1826) seems to be totally messed up. Even WAN access doesn't work with it.
Can I use my current config (release 7.0.1-5018-R1709) with the initial release (7.0.0-R906)? Is this compatible?
Hi @MarcelK
Yes it will support. Try and let us know the status.
The problem also occurs under release 7.0.0-R906. A factory reset does not change the behavior either.
After rebooting the TZ370 device everything works fine for a few hours. Afterwards packet losses and considerable losses in throughput (see above).
I have now tried all available firmware releases to no avail.
Do you have enough public IPs from your ISP to run the old firewall and Sonicwall side by side?
I think I can get 2 IPs from the ISP (UPC Sunrise). But the cable modem only has one port and I don't have a switch available at the moment.
However, I know for sure that I had no such problems with the old firewall (Cisco RV220).
Hi Marcel, I have UPC Sunrise too in my office and I don't have the same issue. I send you my contact info in a DM. Maybe we can troubleshoot together.
I have been using a different firewall (Sophos SG) since the beginning of the week. The problem has not occurred since then.
The same network components were used, including cables. The configuration is also the same.
So I can definitely say that the Sonicwall is the cause. It is very likely that the firmware has a bug.
I will now clarify this with Sonicwall Support.
I had some weirdness like this with a 570 on R906 at the beginning of the year. After a factory default and upgrade to R1262 they seemed to have gone away, and now on the latest (5023?) without issue.
The earlier firmwares on Gen7 were terrible and upgrading without factory default never helped.
Hey @MarcelK ,
We had a TZ670 v7 beta which we threw in the cupboard as we kept getting problems just like this.
We have gone back to our TZ600 with 6.5.8.. :(
Would love to see if SonicWALL can help you to get this resolved.
@Marco Octavian ?
S.
@TKWITS I did a factory reset and re-created the configuration with the latest firmware (5023) without importing it. Again, this did not fix the problem.
I am now waiting for an answer from support for a proper solution. Otherwise I will throw the device in the cupboard as well or sell it.
@Halon5 I'm pretty sure that SonicOS 7.x is still buggy.
Hey @MarcelK ,
Did you get anything useful out of support?
I'm trying to understand if we will go to v7 or do something else.
Thanks, S.
Good morning. Just leaving my input that we are currently facing the same thing with a TZ570 on (5030). Starting two days ago, it would degrade throughput after a reboot in about 3 hrs...now it only takes about 7 minutes.
Spent hours on with support rebuilding and fussing with MTU. Sonicwall, please fix the OS7 bug!
Doesn't sound like anyone has had any luck reverting back to a specific fw...
Thanks, dj
Hello, everyone
Until today the support from Sonicwall could not help me any further. Existing tickets will be closed without addressing the problem.
I've had to solve the problem weeks ago for me by using a Sophos UTM instead of the TZ370 because it was unusable for me with this significant bug!
I offered support to make myself available as a test person to find the bug in the firmware. Obviously there is no interest in it.
I've tried everything, it's not a specific setting (e.g. MTU size). The problem occurs even in the basic configuration. With some firmware releases, the device can't even be reached on the LAN port after a few minutes.
I will resell the TZ370 after 4 months of trouble or just throw it in the trash. For me this was the first and last Sonicwall. :(
Best regards
Marcel
Stepping into the middle of this mess because I'm aggravated about your experience, @MarcelK
If you would be willing to provide your support case number(s) to @EnaBev that would certainly help.
In another thread I indicated that when I first heard about the Gen 7 devices I said I was going to wait at least 2 years until SonicWall ironed out the bugs. That's because there was simply no possible way they could have engineered themselves into a perfect OS and hardware as quickly as they seemed to. Now, one and a half years later, I have some clients that are going to soon outgrow their Gen 6.5 devices and the only migration path is to Gen 7 (or another vendor).
A few months ago I had a conference call with my account manager and two SEs regarding migration plans and my hesitancy. They assured me that by and large everything worked. When I mentioned the horror stories here in the Community, they said that it was only a few problem devices, but not to worry.
Well, I just ordered a TZ270W as an NFR unit to use as a test device and to learn the new interface and how to work with it. What I'm hoping is that I don't run into your experience - although I'm sure that something, somehow, is going to fall down.
Having spent almost all of 2021 working with the NSM team for improvements, I can understand how frustrating it is wanting to get a fix for a major (or even minor) problem. The thing is, I don't have to depend on NSM to get my work done. But if the firewall is inoperative then nothing gets accomplished. And all those support folk who want to remote in to check things simply won't be able to...
I hope some of the moderators can take this thread's discussion back to the appropriate Gen 7 project managers for consideration. I don't think they want end-users, clients, and partners to stop using the products altogether because problems don't seem to get fixed.