Solved

Slowdown on Sonicwall OS and Internet

Posted on 2014-09-30
9
156 Views
Last Modified: 2016-11-23
I am running a Sonicwall NSA 3500 with secondary HA configured on port X5. Everything was running fine until about 3 weeks ago when we started having massive slowdown on internet sites. I checked with our T1 provider but everything is running fine on their end. What's really weird is not only is the internet slow but navigating on the Sonicwall OS itself is very slow. It will take several seconds to go from page to page where before this problem it was almost instant. I'm accessing it from a local address so I fear something is wrong.

A few other notes:

1) We have a separate load balancer. However this is BEFORE the Sonicwall and it doesn't seem to be having any trouble.

2) We have many VPN tunnels - About 47. (It's the backbone of our business.) From what I've read this unit should easily be able to handle this but could they somehow be contributing to this problem? I first noticed the slowdown when I added our latest tunnel but I assumed it was a coincidence.

3) We also use this Sonicwall for DHCP and Content filtering. Again, there hasn't been a problem up until now.


Before I try to deal with Dell support I thought I'd try here. I can't seem to find any reason for the slowdown on the Sonicwall OS and the internet speed in general. All diagnostics I can think of pass without issue. Any help is appreciated.
0
Comment
Question by:Tarkisal
  • 5
  • 4
9 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 40354250
I would try a few things to try to isolate this:

1. Check the Sonicwall logs for anything out of the ordinary
2. Update to latest version of SonicOS (be sure to export the config before this, just in case)
3. Run a traceroute from any pc on the lan to Sonicwall LAN interface to insure nothing unusual appears
4. Turn off all the services (content filter, ips etc) and see if it makes a difference. If it does, add back one at a time until you find the one that causes the problem.

Post back after this.
0
 

Author Comment

by:Tarkisal
ID: 40354468
Thanks for the response. Here is what I found out:

1. From what I can tell I don't see anything wrong in the logs. At least nothing obvious.
2. I am currently on the latest SonicOS. Originally I was a version behind and I upgraded to the latest in the hopes it would fix this problem.
3. The traceroute seems to be running properly. Hopping from my local computer to the lan address of the Sonicwall netted me a result of under one ms.
4. I tried systematically turning off IPS and content filter for each zone one at a time. Sadly, this didn't produce any results.

One more thing I have noticed - The internet and the SonicOS are very slow here. However, remoting into my PC at home and connecting to the Sonicwall through it's external web address allowed me normal, quick and fluid access through the SonicOS. Is there anything that could cause slowdown locally but no problems through the external adress?
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40354620
Given your last piece of information I would guess that you have a routing problem on your LAN. I would check the settings for the default gateway, dns, and duplex settings.

Also, I am guessing that  your Sonicwall is probably connected to a switch, so I would check the settings for that as well.

If my assumption about a switch is correct, and you don't find anything else. I would try moving the Sonicwall to a different port on the switch.

Also, if you find nothing else I would take one pc and change it to use google dns servers as a test, and see if it makes any difference in speed. (Are you running your own dns servers?)

Please post back the results.
0
 

Author Comment

by:Tarkisal
ID: 40354792
I think you may be on to something!

I changed The IPv4 DNS settings (Network -> DNS on the SonicOS) from specify IPv4 DNS servers manually, which was pointing to my local DNS servers, to Inherit DNS settings from WAN zone, which were already set to use the google public servers. As soon as I made that change I changed my local PCs DNS servers settings to the google DNS servers as well. After that my connection was lightning fast. I made the change on a few other PCs to test and all of them so a huge speed improvement.

So now, what does this tell us? Is there something wrong with my Windows servers acting as DNS? Is there any harm or security risk in using google's DNS servers?

The other thing I noticed is the SonicOS is still quite slow. Do I need to change something else to improve that?

I haven't tried moving the port on the switch yet since it will impact users. If I need to I can change it at the end of the business day.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Author Comment

by:Tarkisal
ID: 40354832
One more thing I noticed - by changing everything across the board to the Google DNS servers my system no longer resolves local addresses correctly. For example, what once used to come up with the correct internal address of 192.168.1.231 is now coming up 50.63.124.1. Clearly this current setup isn't going to work.
0
 
LVL 20

Accepted Solution

by:
carlmd earned 500 total points
ID: 40354978
OK, you have a split dns setup that is resolving local address internally. By changing to google servers directly, you bypass this, which in you case is not correct. However, I think you have proven that dns is at least part of the problem. Did you make any changes to the Windows dns server around the time the speed issue appeared?

Put your dns back to the way you originally had it. Then do nslookup on a pc (using a command prompt), on a common site like google.com or ibm.com, how quickly does it return. Then in the same nslookup session change it to look at the google servers (use the site option) and see how it compares.

You could also try a traceroute to the dns server to be sure there is no issue in the path.

Also, I would try accessing the web from the dns server itself and see if it is any faster there.
0
 

Author Comment

by:Tarkisal
ID: 40355313
So I put my DNS back the way I had it and followed your suggestions

-Nslookup to IBM or Google times out when using my local DNS severs. Using the Google public DNS I get an immediate response.

-Traceroute to the DNS server showed no problem

-The web from the local DNS server is as slow as anywhere else.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40356701
This tells me that there is something wrong with the way you have your dns server setup.

Here are some articles on how to set it up. These might help you diagnose the problem.

http://www.petenetlive.com/KB/Article/0000830.htm

http://www.thesuperkev.com/2012/10/setting-up-split-dns-in-windows-server.html
0
 

Author Comment

by:Tarkisal
ID: 40357394
I got it! Last night I went into the DNS server and realized the Forwarding zones were pointing to two servers that no longer existed. By changing these to the Google DNS the internet speed improved instantly. Everything is now working perfectly.

The SonicOS itself is still delayed but since nothing else seems to be affected I'm going to assume it's a separate issue.

Thanks again!
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now