?
Solved

Slowdown on Sonicwall OS and Internet

Posted on 2014-09-30
9
Medium Priority
?
171 Views
Last Modified: 2016-11-23
I am running a Sonicwall NSA 3500 with secondary HA configured on port X5. Everything was running fine until about 3 weeks ago when we started having massive slowdown on internet sites. I checked with our T1 provider but everything is running fine on their end. What's really weird is not only is the internet slow but navigating on the Sonicwall OS itself is very slow. It will take several seconds to go from page to page where before this problem it was almost instant. I'm accessing it from a local address so I fear something is wrong.

A few other notes:

1) We have a separate load balancer. However this is BEFORE the Sonicwall and it doesn't seem to be having any trouble.

2) We have many VPN tunnels - About 47. (It's the backbone of our business.) From what I've read this unit should easily be able to handle this but could they somehow be contributing to this problem? I first noticed the slowdown when I added our latest tunnel but I assumed it was a coincidence.

3) We also use this Sonicwall for DHCP and Content filtering. Again, there hasn't been a problem up until now.


Before I try to deal with Dell support I thought I'd try here. I can't seem to find any reason for the slowdown on the Sonicwall OS and the internet speed in general. All diagnostics I can think of pass without issue. Any help is appreciated.
0
Comment
Question by:Tarkisal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 40354250
I would try a few things to try to isolate this:

1. Check the Sonicwall logs for anything out of the ordinary
2. Update to latest version of SonicOS (be sure to export the config before this, just in case)
3. Run a traceroute from any pc on the lan to Sonicwall LAN interface to insure nothing unusual appears
4. Turn off all the services (content filter, ips etc) and see if it makes a difference. If it does, add back one at a time until you find the one that causes the problem.

Post back after this.
0
 

Author Comment

by:Tarkisal
ID: 40354468
Thanks for the response. Here is what I found out:

1. From what I can tell I don't see anything wrong in the logs. At least nothing obvious.
2. I am currently on the latest SonicOS. Originally I was a version behind and I upgraded to the latest in the hopes it would fix this problem.
3. The traceroute seems to be running properly. Hopping from my local computer to the lan address of the Sonicwall netted me a result of under one ms.
4. I tried systematically turning off IPS and content filter for each zone one at a time. Sadly, this didn't produce any results.

One more thing I have noticed - The internet and the SonicOS are very slow here. However, remoting into my PC at home and connecting to the Sonicwall through it's external web address allowed me normal, quick and fluid access through the SonicOS. Is there anything that could cause slowdown locally but no problems through the external adress?
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40354620
Given your last piece of information I would guess that you have a routing problem on your LAN. I would check the settings for the default gateway, dns, and duplex settings.

Also, I am guessing that  your Sonicwall is probably connected to a switch, so I would check the settings for that as well.

If my assumption about a switch is correct, and you don't find anything else. I would try moving the Sonicwall to a different port on the switch.

Also, if you find nothing else I would take one pc and change it to use google dns servers as a test, and see if it makes any difference in speed. (Are you running your own dns servers?)

Please post back the results.
0
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

 

Author Comment

by:Tarkisal
ID: 40354792
I think you may be on to something!

I changed The IPv4 DNS settings (Network -> DNS on the SonicOS) from specify IPv4 DNS servers manually, which was pointing to my local DNS servers, to Inherit DNS settings from WAN zone, which were already set to use the google public servers. As soon as I made that change I changed my local PCs DNS servers settings to the google DNS servers as well. After that my connection was lightning fast. I made the change on a few other PCs to test and all of them so a huge speed improvement.

So now, what does this tell us? Is there something wrong with my Windows servers acting as DNS? Is there any harm or security risk in using google's DNS servers?

The other thing I noticed is the SonicOS is still quite slow. Do I need to change something else to improve that?

I haven't tried moving the port on the switch yet since it will impact users. If I need to I can change it at the end of the business day.
0
 

Author Comment

by:Tarkisal
ID: 40354832
One more thing I noticed - by changing everything across the board to the Google DNS servers my system no longer resolves local addresses correctly. For example, what once used to come up with the correct internal address of 192.168.1.231 is now coming up 50.63.124.1. Clearly this current setup isn't going to work.
0
 
LVL 20

Accepted Solution

by:
carlmd earned 2000 total points
ID: 40354978
OK, you have a split dns setup that is resolving local address internally. By changing to google servers directly, you bypass this, which in you case is not correct. However, I think you have proven that dns is at least part of the problem. Did you make any changes to the Windows dns server around the time the speed issue appeared?

Put your dns back to the way you originally had it. Then do nslookup on a pc (using a command prompt), on a common site like google.com or ibm.com, how quickly does it return. Then in the same nslookup session change it to look at the google servers (use the site option) and see how it compares.

You could also try a traceroute to the dns server to be sure there is no issue in the path.

Also, I would try accessing the web from the dns server itself and see if it is any faster there.
0
 

Author Comment

by:Tarkisal
ID: 40355313
So I put my DNS back the way I had it and followed your suggestions

-Nslookup to IBM or Google times out when using my local DNS severs. Using the Google public DNS I get an immediate response.

-Traceroute to the DNS server showed no problem

-The web from the local DNS server is as slow as anywhere else.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40356701
This tells me that there is something wrong with the way you have your dns server setup.

Here are some articles on how to set it up. These might help you diagnose the problem.

http://www.petenetlive.com/KB/Article/0000830.htm

http://www.thesuperkev.com/2012/10/setting-up-split-dns-in-windows-server.html
0
 

Author Comment

by:Tarkisal
ID: 40357394
I got it! Last night I went into the DNS server and realized the Forwarding zones were pointing to two servers that no longer existed. By changing these to the Google DNS the internet speed improved instantly. Everything is now working perfectly.

The SonicOS itself is still delayed but since nothing else seems to be affected I'm going to assume it's a separate issue.

Thanks again!
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month14 days, 8 hours left to enroll

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question