Solved

Should multicast be enabled on a Sonic Wall firewall?

Posted on 2010-09-05
6
5,052 Views
Last Modified: 2012-06-21
As a general rule should multicast be enabled on a Sonic Wall firewall running in transparent mode?  We sometimes notice some bogging down of our network I believe due to it being flat with no VLAN's.

We use Ghost sometimes to image computers and we always disconnect the lab from the rest of the network because it bogs down the network.  I'm not really concerned so much with imaging, but just wondered as a general rule if it helps or hurts a network overall as far as bandwidth and performance.

We have a Sonic Wall 5060.  

Thanks,
M.
0
Comment
Question by:mscalafasd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 1

Expert Comment

by:ycsi
ID: 33608545
The choice depends on your network activities.
Multicast represents traffic destined to multiple hosts.
When eneabled, it allows the traffic to be sent one time, while allowing multiple registered hosts to receive it, which it more efficient than sending the traffic individually to each host.
0
 
LVL 5

Expert Comment

by:piwowarc
ID: 33611394
There is a general rule that all routers if not asked to do otherwise will kill all broadcasts. Multicasts as ycsi suggested is a specific kind of traffic (one to many). If you don't need them (and you may in situations like computer imaging, some audio/video brodcasting and similar one to many scenarios) I would turn them off because they are (of course depending on number of traffic) jamming your network traffic. Every NIC or switch has to pass or discard them and they should not have that extra work if it is not needed.

Besides you ask about allowing them through your firewall? Do you have Sonic Wall between two parts of your LAN network or on the edge connected to WAN connection?

HTH

Chris
0
 

Author Comment

by:mscalafasd
ID: 33611542
The Sonic Wall is at the edge in transparent mode, so traffic from 4 buildings flows through it.  The router is at 10.1.1.1 and the Sonic Wall is at 10.1.1.5

It also does gateway antivirus, intrusion prevention, and content filtering.

M.
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 5

Expert Comment

by:piwowarc
ID: 33612806
So you are not sending anything using multicast? Disable it on Sonic Wall then and wait if your users start complaining about something not working for them. Then you will know :)

HTH

Chris
0
 
LVL 1

Expert Comment

by:ycsi
ID: 33613539
If your network does not have one-to-many traffic, enabling multicast pass through will not improve the traffic flow.
However, after re-reading your original message and the clarification comment, I would suggest that multicast is enabled at 5060 - it won't hurt the throughput, just might help in some situations.
0
 
LVL 17

Accepted Solution

by:
ccomley earned 250 total points
ID: 33615542
If you're not DOING any multicast, then enabling/disabling it on the SW will make no difference.

If you are doing it but not for anything "legit", then disabling it will help stop the abuse of your system! :)

You could turn on the Viewpoint service of the SW to get a picture of what's using your bandwidth. Or you could look to upgrade the SW to the new edition of SonicOS coming out soon  which includes "Traffic Visualisation" - a massively more powerful traffic monitoring system.

Perhaps the solution you seek is to *start* doing some VLANing.

0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASA 5505 latency problem 8 64
ASA5510 Blocking a Wanted Website/Host 9 48
igmp snooping in layer 2 switch 4 29
Changing Lease Duration for DHCP clients 34 71
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question