Speed & Wan Connectivity


Speed & Wan Connectivity

chimchild
So I've finally pulled out my shield and started to use it/try it out.
 
Has anyone else had any trouble connecting their shield in router mode to Comcast? Any specific settings that seem to work for people? Best as I can tell, my regular house router connected to Comcast with DHCP to get its information.

Is there a way to increase its throughput/speed? Without the shield I'm getting 125Mbps; with the shield I'm getting between 40Mbps and 50Mbps. I'm operating in bridge mode with SP1 and the March 9th hot-fix.

I would like to try it out in router mode, but have been unable to get it to connect to the modem/Comcast properly so far. I would also expect that having it pull router duties that it would add to the processing overhead and possibly decrease the Mbps more.

I understand that the packet inspection process will slow down the connection speed; I guess I didn't expect it by this much. I think I read in an earlier post in the forums that shield has some hardware acceleration features that Itus hadn't turned on yet before they closed shop. If so, is this something that people in the community may be working on somewhere?

Micah
Shield v1.51 SP1 + Hotfix Mar 9 Bridge mode

Re: Speed & Wan Connectivity

user8446
Administrator
You should easily be able to get 100-125Mbps throughput. How big is your IPS log? There is a known bug that slows your throughput as the log grows. Go to services>intrusion prevention>snort config and make these changes:

output alert_fast: alert.fast 64K

#include $PREPROC_RULE_PATH/sensitive-data.rules


This will do a log rotation at 64k and turn off the sensitive data alert rules.
Running in bridge mode, 1.51 SP1 fw

Re: Speed & Wan Connectivity

chimchild
Thanks for the suggestion.
I applied the changes you suggested, hit save/apply and even rebooted the shield. No improvement on the speed test. The output setting was at 1M before the change.

output alert_fast: alert.fast 64k
# output log_tcpdump: tcpdump.log

include classification.config
include reference.config

include reference.config

include $RULE_PATH/local.rules
include $RULE_PATH/snort.rules
#include $PREPROC_RULE_PATH/preprocessor.rules
#include $PREPROC_RULE_PATH/decoder.rules
#include $PREPROC_RULE_PATH/sensitive-data.rules
# include $SO_RULE_PATH/so1.rules
# include $SO_RULE_PATH/so2-misc.rules
Shield v1.51 SP1 + Hotfix Mar 9 Bridge mode

Re: Speed & Wan Connectivity

chimchild
In reply to this post by user8446
The IPS log is only 3 lines of text; I estimate about 5.5K.
Shield v1.51 SP1 + Hotfix Mar 9 Bridge mode

Re: Speed & Wan Connectivity

user8446
Administrator
Do you have any of these in your syslog:

S5: Pruned session from cache ...

or

S5: Session exceeded configured max bytes to queue ...
Running in bridge mode, 1.51 SP1 fw
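
One way to check both things raised in this thread, the snort config changes (alert_fast size limit, sensitive-data include) and the two S5 syslog messages, as an added example that is not part of any post. The function names, file paths and sample lines are assumptions constructed for illustration; point the functions at your own snort config and syslog files.

```shell
#!/bin/sh
# Added example, not from the thread. File paths are supplied by the caller.

# Report the alert_fast size limit and whether sensitive-data.rules is
# still actively included (a commented-out line starts with '#').
snort_conf_check() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk '
        $1 == "output" && $2 == "alert_fast:" { limit = ($4 != "") ? $4 : "none"; seen = 1 }
        $1 == "include" && $2 ~ /sensitive-data\.rules$/ { sd = 1 }
        END {
            printf "alert_fast_limit=%s sensitive_data=%s\n",
                   (seen ? limit : "unset"), (sd ? "enabled" : "disabled")
        }' "$1"
}

# Count the two S5 messages quoted in the thread in a syslog file.
s5_counts() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk '
        /S5: Pruned session from cache/ { p++ }
        /S5: Session exceeded configured max bytes to queue/ { q++ }
        END { printf "pruned=%d max_queue=%d\n", p, q }' "$1"
}

# Demo on constructed input (not real Shield output).
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/snort.conf" <<'EOF'
output alert_fast: alert.fast 64K
include $RULE_PATH/snort.rules
#include $PREPROC_RULE_PATH/sensitive-data.rules
EOF
    cat > "$d/syslog" <<'EOF'
Jan  1 00:00:01 shield snort[1]: S5: Pruned session from cache (constructed sample)
Jan  1 00:00:02 shield snort[1]: S5: Pruned session from cache (constructed sample)
Jan  1 00:00:03 shield snort[1]: S5: Session exceeded configured max bytes to queue (constructed sample)
Jan  1 00:00:04 shield kernel: unrelated line (constructed sample)
EOF
    snort_conf_check "$d/snort.conf"
    s5_counts "$d/syslog"
    rm -rf "$d"
}
demo
```

A non-zero count from `s5_counts` answers the question in the last post; `alert_fast_limit=none` means the output line has no size argument.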