Traffic through FWSM is slow

Unanswered Question
Oct 2nd, 2007
User Badges:

My customer says that performance through the FWSM was very sluggish.

He said he switched over from active to standby FWSM and everything is fine after this.

I want to ask him to switch back to the suspect FWSM module again to see the problem first hand.

Apart from SHOW TECH and SHOW LOG is there any more usefull commands that I can do on the problem FWSM at the time of the problem that will help me narrow down the problem.

At the moment I have the SHOW TECH and a sniffer trace with the problem FWSM and a sniffer trace after switching over to standby FWSM, but I can't see anything unusual in these sniffer traces such as retranmissions, etc.

Versions running on both the FWSM:

FWSM Firewall Version 2.3(4)6

FWSM Device Manager Version 2.1(1)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
tstanik Mon, 10/08/2007 - 13:36
User Badges:
  • Bronze, 100 points or more

Traffic through FWSM can be slow due to a variety of reasons and it is better to narrow down to the type of traffic which is causing the problem. This can be checked by removing the respective inspect command (like inspect HTTP) and then checking the traffic flow. Also check if the cpu and memory usage of FWSM are not reason of its slow performance.

ju_mobile Fri, 01/18/2008 - 09:35
User Badges:


If you manage to identify your issue then I would be keen to review your findings. I'm currently investigating a similar issue where the throughput varies from 1.5MBps (slow) up to 94MBps when running a test from in the same VLAN or through the firewall. I plan to fail the firewalls over at the earliest chance to see if it is a hardware limitation.



sbaddipu Fri, 01/18/2008 - 09:53
User Badges:

There are few commands you could use to check the amount of traffic flow per vlan...

If I recollect there is a command "show traffic ..."


ju_mobile Sat, 01/19/2008 - 04:14
User Badges:


When looking at the graphing (ASDM) and via SNMP .I can see that the interfaces are not particularly under any load (less than 20Mbps). The impact is seen when attempting to run a backup or a large copy.

What identified the issue was a 187 GB drive on a server in a blade farm backing up in the same vlan with a write speed of approx 40MBps (speed that the tape writes at) where as through through the firewall this dropped to 1.5MBps. The architechture of the FWSM should allow for at least 100MBps throughput on the basis of the backplane being able to process 1Gbps.

Many Thanks for your input



This Discussion