Compare or Copy files slow when using VPN (Client to Site)
Hi,
I've been using (Beyond Compare - Ver. 3.3.5.15075) for a long time on my local network with VPN (Site to Site) without slowdowns.
That is, my developers who are in the office perform the comparison using the office network to the servers that are in the datacanter connected by a VPN (Site to Site).
The comparison is made from (Local Disk) to a path (FTP://server). But I also tested it using share (\\server\share) and the time was the same.
However, when they are at home office they constantly question the slowness during the comparison process. Remembering that for developers to reach the datacenter, they connect to a VPN in the office and connected in the office they can access the datacenter using the scenario mentioned above, that is, VPN (Site to Site) from the office to the datacenter.
The files are small, but they are many and among them we have: (dll, gif, txt, jpg, xml etc.)
I read that the newer versions have new improvements but I tested with the last version the time was the same. I did not identify a reduction in time.
A relevant fact that we observed was the antivirus and we included in the tests scenario with the antivirus turned on or off, on the computer that is doing the comparison.
Below I present the results: (It is visible that the time of those who are in the home office during the compare is very long!)
Or is there any configuration no SSLVPN we can do to help with this process?
Folder with 6000 (156MB) files used compare
Version Beyond Compare 3
Office > Datacenter (VPN Site to Site)
01:51 - Beyond Compare (Av Power On)
00:46 - Beyond Compare (Av Power Off)
01:47 - Beyond Compare (AV Exclude C:\DirBeyound)
01:00 - Beyond Compare (AV Exclude C:\DirBeyound e \\server\website)
01:00 - Beyond Compare (AV Exclude C:\DirBeyound, C:\Temp\Site e \\server\website)
02:50 - Copy file share (Av Power On)
Datacenter > Office (VPN Site to Site)
03:20 - Copy file share (Av Power On)
Home Office SSLVPN > Datacenter
13:00 - Beyond Compare (Av Power On)
10:30 - Beyond Compare (Av Power Off)
+15:00 - Copy file share (Av Power Off)
00:40 - Copy one file share 230MB (Av Power Off) ~6,6 MB/s
Home Office SSLVPN > Office
08:00 - Beyond Compare (Av Power On)
08:16 - Beyond Compare (Av Power Off)
07:30 - Beyond Compare (Av Power Off x Server Power Off)
07:30 - Copy file RDP
+15:00 - Copy file share
00:40 - Copy one file share 230MB (Av Power Off) ~6,6 MB/s
Thanks.
Answers
You have failed to mention anything about the Sonicwall device used, firmware, or software version of your SSLVPN client.
Searching the forum might help:
Your testing methodology is less than ideal. Do you know what protocol(s) 'BeyondCompare' uses? Is the underlying protocol the most efficient one?
Windows (is that what you're using? it's implied but never stated...) file transfer (via SMB/CIFS) efficiency is notoriously poor when a large number of small files are transferred...
I think you're complaining about network throughput over SSLVPN here - you certainly wouldn't be the first person to question this. If you want to test network throughput, use a specific tool like iperf for this.
As tkwits says, large number of small files is pretty much the worst-case performance scenario for copy operations.
Hello,
I will answer the questions to clarify my question.
We use two TZ570 - Firmware SonicOS 7.0.1-5080
Beyond Compare is a tool that compares files that can be from sources: (Local, SMB or FTP).
We know that when we are talking about small files in large quantities in Windows, the processing of the transfer regardless of the means of communication is much slower.
However, to carry out the questioning, we carried out comparative tests to understand that when we are using SSL VPN, this time increases significantly. That is, it is slow and when you are using an SSL VPN there is a longer period of slowness than it is naturally. That is the question.
We did a test that I believe I didn't present here or it wasn't made clear to everyone.
I have another simple VPN based on IPTABLES with another datacenter and the time is slow as I said by normality due to the amount of files, but it is twice as fast as SSL VPN in a simple file transfer, independent of tool. That is, I'm talking about a standard transfer that we already know.
When I transfer approximately 6000 files with SSLPN it takes more than 15 minutes to datacenter A.
When I transfer the same amount of files with VPN pptd it takes about 7 minutes.
Just to remind you that my datacenter internet links have the same capacity of 500Mbps with very low usage.
The origin of the test is my machine with 200Mbps 5G internet.
Now speaking of tool (Beyond Compare) today I discovered a root cause specifically related to transfer using FTP.
I read that some tools using passive mode as default and active mode is better for transferring files. So I decided to look at the configuration and disabled the passive mode. The transfer went from 60 minutes to 2 minutes.
That is, there are many factors involved.
1 - Transfer fee
2 - Antivirus blocks a lot of SMB transfer
3 - FTP transfer requires configuration adjustment to work better on the client side than on the server side
Now I have other issues I need to look into:
- Queries with (Microsoft SQL Server Management Studio) many complain that they are slow. I will need to analyze how it works to understand what I can do.
My whole question is why Sonicwall must do a lot of filtering and I believe that it may be interfering at some point. My idea was during my tests to disable everything and make sure nothing is filtered to make sure Sonicwall is not interfering.
But I've also heard that SSL VPN also causes some slowdowns, so I use VPN pptd to assess whether there is any relationship or not.
I'm evolving with the subject and making adjustments to the origins, but I also need to look at sonicwall.
Thanks.
My whole question is why Sonicwall must do a lot of filtering and I believe that it may be interfering at some point.
This is pretty much 80% of the point of a UTM platform like SonicOS - scanning, filtering and blocking stuff. If you don't need that then you probably don't need a Sonicwall. Having said that, you might judge that it's not worth having these services enabled on internal zones, which would improve performance.
Hi,
see a simulation: https://youtu.be/c9UaOSlKZsw
today we disabled all sonicwall filters and the time did not increase.
Is the transfer time really normal for the amount of files and file type?
I did another test with another VPN IPTABLES (pptd) and the time was simulate. (8 minutes)
When the files are bigger the time is significantly better.
I did a test on my LAN by transferring from a computer to the server and the time was 2 minutes.
In my scenario with SSL VPN we managed at least 8 minutes.
We did a test with a completely different computer connecting to SSL VPN and the time was exactly the same.
With local antivirus disabled on the computer and on the server.
Thanks.