Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Slow Windows file copies and ftp

We have a pair of redundant 515e firewalls. A couple months ago users started complaining of slow performace between network segments. The common denominator seems to be segments seperated by the PIX's. We also discovered if we try to FTP files from the inside interface to anything on the outside interface (dmz or on the Internet), the speed drops to about 12 KB/s. No matter what we FTP to on the outside, we never get above 12 or 13 KB/s. I noticed similar performance when we try to do a Windows file copy from a workstation on the inside interface to a Windows box on the outside interface.

I read a few posts on various forums, and subsequently changed the ports from auto to 100/full on the PIX's and the switch. That did not help.

I upgraded the firewalls to 7.2.1 in January, but can't remember from what. It was 6.something, but I don't remember exactly what. Complaints started coming in around March, so it might be unrelated. I upgraded the PIX to 7.2.2 this weekend, but that did not change the behavior.

Any suggestions?

Thanks,

Daris

9 REPLIES
New Member

Re: Slow Windows file copies and ftp

Post your config please.

Thanks!

New Member

Re: Slow Windows file copies and ftp

Thanks for helping. Here is the config on the PIX. I attached it, because I didn't want to cut anything out that might be helpful.

Daris

New Member

Re: Slow Windows file copies and ftp

When you say that you are transferring a file from the inside to the outside and it is slow,.. what exactly is on the outside? Are you uploading a file to a known host on the public internet or a private host that is 1 hop away from the outside interface?

New Member

Re: Slow Windows file copies and ftp

Both. I test to a FTP server in our DMZ (between the pix and our Internet router), and a public FTP server at my home. The transfer speeds are the same. I can't do Windows file copies to the box at home, but Windows file copies display similar speeds to our DMZ FTP server. The DMZ ftp server is connected to a the same CISCO switch that the PIX is connected to.

The ports for the PIX and the FTP server are forced to 100/Full and show no errors.

Again thanks,

Daris

Silver

Re: Slow Windows file copies and ftp

Try a ping test, ping your other side ip address from your PC/Host using the option ping -l 1500 -f

You should see something like "Packet needs to be Fragmented but DF set"

Try lowering the size of the packet from 1500 to 1400 and then slowly check when your Host ping. Once you start getting the replies give the command sysopt connection tcpmss

Then check on your speed again.

HTH

Hoogen

New Member

Re: Slow Windows file copies and ftp

Thanks Hoogen. I tried that, but it did not seem to help the problem. FTP to our DMZ server on the outside interface is still between 12 and 15 KB/s.

Silver

Re: Slow Windows file copies and ftp

Did you check for Interface errors on the inside interface and the switchport it is connected to?

sh interface "interface"

Thanks,

Chad

New Member

Re: Slow Windows file copies and ftp

Yes I did. There are not errors on any of the interfaces or associated switch ports.

Bronze

Re: Slow Windows file copies and ftp

Does a sniffer capture reveal any obvious performance issues? Retransmissions etc?

Daniel

224
Views
0
Helpful
9
Replies