Slow flow through between Inside and DMZ on a PIX

Answered Question
Feb 12th, 2010

Hello everyone,

Here's my setup:
PIX-515E Release 6.3

3 physical interface: IN, OUT, DMZ

I have a problem about the flow through between a PC on the inside and a pc on the DMZ.
The flow between the 2 machines is about 60kB in one direction and about 500kB in another.
I tested with different cables RJ45, switch and PC but the result is the same.
When I put the 2 PCs on the inside I have a throughput of about 10MB fairly reasonable.

For me it just my PIX, you have already encountered this problem? Is there a parameter to be added to allow better flow between certain interface?

Thank you in advance for your answers.

Rémi

I have this problem too.
0 votes
Correct Answer by Kureli Sankar about 6 years 11 months ago

Remi,

Collect the output again and see if the counters increment.

If so may be try to change the setting to auto auto on both ends (switch and firewall) and see if the errors will go away.

sh int e0/0

do it for each interface and findout which interface is seeing errors.

-KS

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Remi49000 Fri, 02/12/2010 - 04:34

Thanks for your answer,

Yes I have tested throughput between two devices on the DMZ and the result is also correct (near 10MB)

If you have another idea..

Rémi

p.mcgowan Fri, 02/12/2010 - 06:39

Have you checked speed and duplex settings are fixed 100mb full duplex on clients switch ports and pix interface ports.

Are there any errors on pix interface ports?

Regards,

Paul McGowan

Capita IT Services

Sent From Blackberry

Remi49000 Fri, 02/12/2010 - 07:10

Thanks for your answer,

Yes, all interfaces are fixed 100mb full duplex and switch too.

But:

sh int | i errors

    0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
    0 output errors, 0 collisions, 0 interface resets
    2232467 input errors, 1616434 CRC, 0 frame, 0 overrun, 1616434 ignored, 0 abort
    0 output errors, 0 collisions, 0 interface resets
    260 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
    0 output errors, 0 collisions, 0 interface resets

Correct Answer
Kureli Sankar Fri, 02/12/2010 - 07:16

Remi,

Collect the output again and see if the counters increment.

If so may be try to change the setting to auto auto on both ends (switch and firewall) and see if the errors will go away.

sh int e0/0

do it for each interface and findout which interface is seeing errors.

-KS

Remi49000 Fri, 02/12/2010 - 07:33

Yes the counters increment in mode 100full

But in settings mode "auto" on the inside and DMZ now it's OK!!

Many thanks, throughput are great now !!

Actions

This Discussion