Slow flow through between Inside and DMZ on a PIX

Answered Question
Feb 12th, 2010
User Badges:

Hello everyone,


Here's my setup:
PIX-515E Release 6.3


3 physical interface: IN, OUT, DMZ


I have a problem about the flow through between a PC on the inside and a pc on the DMZ.
The flow between the 2 machines is about 60kB in one direction and about 500kB in another.
I tested with different cables RJ45, switch and PC but the result is the same.
When I put the 2 PCs on the inside I have a throughput of about 10MB fairly reasonable.


For me it just my PIX, you have already encountered this problem? Is there a parameter to be added to allow better flow between certain interface?


Thank you in advance for your answers.


Rémi

Correct Answer by Kureli Sankar about 7 years 3 months ago

Remi,

Collect the output again and see if the counters increment.

If so may be try to change the setting to auto auto on both ends (switch and firewall) and see if the errors will go away.


sh int e0/0


do it for each interface and findout which interface is seeing errors.


-KS

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
p.mcgowan Fri, 02/12/2010 - 03:05
User Badges:
  • Bronze, 100 points or more

have you tested throughput between two

devices on the DMZ?

Remi49000 Fri, 02/12/2010 - 04:34
User Badges:

Thanks for your answer,


Yes I have tested throughput between two devices on the DMZ and the result is also correct (near 10MB)

If you have another idea..


Rémi

Kureli Sankar Fri, 02/12/2010 - 06:10
User Badges:
  • Cisco Employee,

sh int | i errors


do any of them show errors?


-KS

p.mcgowan Fri, 02/12/2010 - 06:39
User Badges:
  • Bronze, 100 points or more

Have you checked speed and duplex settings are fixed 100mb full duplex on clients switch ports and pix interface ports.

Are there any errors on pix interface ports?

Regards,

Paul McGowan

Capita IT Services


Sent From Blackberry

Remi49000 Fri, 02/12/2010 - 07:10
User Badges:

Thanks for your answer,


Yes, all interfaces are fixed 100mb full duplex and switch too.

But:

sh int | i errors


    0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
    0 output errors, 0 collisions, 0 interface resets
    2232467 input errors, 1616434 CRC, 0 frame, 0 overrun, 1616434 ignored, 0 abort
    0 output errors, 0 collisions, 0 interface resets
    260 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
    0 output errors, 0 collisions, 0 interface resets

Correct Answer
Kureli Sankar Fri, 02/12/2010 - 07:16
User Badges:
  • Cisco Employee,

Remi,

Collect the output again and see if the counters increment.

If so may be try to change the setting to auto auto on both ends (switch and firewall) and see if the errors will go away.


sh int e0/0


do it for each interface and findout which interface is seeing errors.


-KS

Remi49000 Fri, 02/12/2010 - 07:33
User Badges:

Yes the counters increment in mode 100full


But in settings mode "auto" on the inside and DMZ now it's OK!!


Many thanks, throughput are great now !!

Actions

This Discussion