Solved

Should multicast be enabled on a Sonic Wall firewall?

Posted on 2010-09-05
6
4,499 Views
Last Modified: 2012-06-21
As a general rule should multicast be enabled on a Sonic Wall firewall running in transparent mode?  We sometimes notice some bogging down of our network I believe due to it being flat with no VLAN's.

We use Ghost sometimes to image computers and we always disconnect the lab from the rest of the network because it bogs down the network.  I'm not really concerned so much with imaging, but just wondered as a general rule if it helps or hurts a network overall as far as bandwidth and performance.

We have a Sonic Wall 5060.  

Thanks,
M.
0
Comment
Question by:mscalafasd
6 Comments
 
LVL 1

Expert Comment

by:ycsi
Comment Utility
The choice depends on your network activities.
Multicast represents traffic destined to multiple hosts.
When eneabled, it allows the traffic to be sent one time, while allowing multiple registered hosts to receive it, which it more efficient than sending the traffic individually to each host.
0
 
LVL 5

Expert Comment

by:piwowarc
Comment Utility
There is a general rule that all routers if not asked to do otherwise will kill all broadcasts. Multicasts as ycsi suggested is a specific kind of traffic (one to many). If you don't need them (and you may in situations like computer imaging, some audio/video brodcasting and similar one to many scenarios) I would turn them off because they are (of course depending on number of traffic) jamming your network traffic. Every NIC or switch has to pass or discard them and they should not have that extra work if it is not needed.

Besides you ask about allowing them through your firewall? Do you have Sonic Wall between two parts of your LAN network or on the edge connected to WAN connection?

HTH

Chris
0
 

Author Comment

by:mscalafasd
Comment Utility
The Sonic Wall is at the edge in transparent mode, so traffic from 4 buildings flows through it.  The router is at 10.1.1.1 and the Sonic Wall is at 10.1.1.5

It also does gateway antivirus, intrusion prevention, and content filtering.

M.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 5

Expert Comment

by:piwowarc
Comment Utility
So you are not sending anything using multicast? Disable it on Sonic Wall then and wait if your users start complaining about something not working for them. Then you will know :)

HTH

Chris
0
 
LVL 1

Expert Comment

by:ycsi
Comment Utility
If your network does not have one-to-many traffic, enabling multicast pass through will not improve the traffic flow.
However, after re-reading your original message and the clarification comment, I would suggest that multicast is enabled at 5060 - it won't hurt the throughput, just might help in some situations.
0
 
LVL 16

Accepted Solution

by:
ccomley earned 250 total points
Comment Utility
If you're not DOING any multicast, then enabling/disabling it on the SW will make no difference.

If you are doing it but not for anything "legit", then disabling it will help stop the abuse of your system! :)

You could turn on the Viewpoint service of the SW to get a picture of what's using your bandwidth. Or you could look to upgrade the SW to the new edition of SonicOS coming out soon  which includes "Traffic Visualisation" - a massively more powerful traffic monitoring system.

Perhaps the solution you seek is to *start* doing some VLANing.

0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now