
Firewall killing connection bandwidth

Genx87

Lifer
We are changing phone service providers on Monday. With this we are also going to have them handle our business class DSL. Yes, yes, I know, T1, but the higher-ups don't want to drop the dough.

Anyways, they came out to test our voice T1 yesterday and hooked up the DSL. This morning I take a WatchGuard firewall and hook it into the DSL line, then a laptop behind it. I fire up Speakeasy and to my dismay get between 1.2Mbps and 2.0 Mbps speeds on a 6Mbps line. So I try FileFront, FilePlanet, pull from our website which is hosted on Lunarpages. To my dismay I am not pulling more than 140-160K\second.

So I decide to hook the laptop directly into the modem and wouldn't you know it, I am downloading at 600K+.

I guess the obvious question is why or what in that firewall could have caused such a massive cut in bandwidth? For the most part going through the firewall I was seeing 1/6th the effective bandwidth the line is rated at. Hooking directly into the modem and taking the firewall out of the equation was closer to 70%.

Our production firewall is a Juniper Systems NetScreen and I am praying it doesn't exhibit similar behaviors come Monday.

The firewall wasn't doing anything extravagant. I allowed HTTP, HTTPS, PPTP, IPSEC out on the trusted interface. Logs did show some dropping of packets from several locations, one of them our hosted Exchange. But nothing over the top. Although I did find it interesting some of the entries said something to the effect of dropped due to port not open on 80 even though I allowed HTTP traffic to pass.



 
What model WatchGuard?

Any speed / duplex mismatches? Are you sure there are no packet filtering / antivirus / IDS / etc. services enabled?
 
I set the untrusted interface to automatically detect line speed.
As for the model, I would like to say it is an X15? I bought it in August of 05.
Filtering? I didn't set any rules on incoming traffic, just left them at default. Outgoing I am allowing HTTP, HTTPS, IPSEC, and PPTP.
 
A little update, the NetScreen didn't show the same issues. I am seeing throughput near the 6Mbps rated line speed.

 