Slow performance to other connections, regular use is fine.

edited August 2021 in Technical Discussion


I'm trying to figure out what the issue could be and fix it. I have a 10Gbps Internet connection to my M470. Unfortunately I don't have all my equipment and my local connection is 1Gbps copper. I also have my old 1Gbps connection to test to, also enterprise and a personal 1Gbps.

I get horrible speeds testing externally via these other two connections but a bandwidth test at speedest.net or fast.com is fine. Actual usage is fine too, it's just these are terrible. I care because it's effecting my VPN performance and a BOVPN.

I'm using netio (you can find it at sf.net) to test, or Roadkill's commtest, if I'm in a VPN I'll also transfer a file and look at the speeds.

Testing from home or the enterprise connection to my 10Gbps gets me 9 to 10 MBs! That's it! The router before the firewall reports the interface to the firewall as having a utilization percentage around 01.29 to 01.34 - not much. I can go do a speed test online and it's near 1gbps, nothing else seems to have issues and when I cough tested, downloading stuff via steam, it's as it should be.

The MTU on the 10Gbps is 9k, internal is 1500. I've been thinking MTU problems were at play but I don't think that is the case.

I don't have any traffic management and nothing should be inspecting this and I'd think the throughput would be better even if it were. I'm grasping at straws. Any ideas?

P.S. Don't know if this is related, but the System Manager Front Panel Status shows nothing flowing from any of my interfaces and to traffic or load indicators


  • Options

    I've since found out that IPerf3 is available for windows, I'm testing with that now. I've found the results are the same. I was able to test from the home connection to work at full speed but I had to use 8 parallel connections.


  • Options

    I've been busy with other things but looking into this from time to time and in short it seems to be a windows problem. I am finding that the watchguard adds to it but I can't say much on it.

    I've been testing with the windows version of iperf3 and there are a few things it doesn't do that the linux vesion will do. For example: it doesn't show retransmits, it also can't do PMTU.

    I've found that a linux host on both sides can connect at just about connection speed. Where as windows is a lot lower.

    Home (1gbps fiber) to the Old (1gpbs enterprise fiber)
    Soild 2ms pings, windows ~500 mpbs, linux ~933 mpbs
    Home to New (10gbps)
    ~11ms ping (this is probably due to another company routing actual internet access), windows ~140mbps, linux ~800mbps. The results are about the same for New and Old.

    This points so RWIN issues I believe, but we can't do much about that since windows 7.

    The reason I've been seeing no issues with most things is because the world has long since gone from single connections to multi connections. I can replicate my person testings by using speedtest.net and single.speedtest.net

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @CCSD130
    There are quite a few factors that can go into appreciable speed between routers.
    I'd suggest opening a support case if you'd like to look into this more deeply. Our team can look at the firewall and help determine if there's anything that can be tweaked/changed to help with your speeds.

    -James Carson
    WatchGuard Customer Support

  • Options
    I usually throttle my upload and download speed to 95% of what I pay for to prevent possible ISP throttle. (I do paid for instead of what the test shows since what I paid for is guaranteed and anything extra is NOT guaranteed)

    Also, if speeds are Gbps, and your transfer speeds are MBps you have to make sure you do the conversion of bytes to bits since those are two units.

    Does status report show any interface statistics for the interfaces in question?
Sign In to comment.