USG210 VLAN-VLAN Speed-Problem

John_A
John_A Posts: 2
First Comment
edited April 2021 in Security
When moving a server to a different VLAN, I discovered a massive drop of network-speed between different VLANs: from 980 MBit/s to 280 Mbit/s.
Tested with filecopy and TCP-IO-Tools.

With further testing, I was able to reproduce the problem with every constellation.
Within any VLAN, speed is perfect, but once I put the same machine into a different VLAN, the speed drops to almost 1/4 of Gigabit-Speed.

Without BWM and APD, there is a slight gain of 30 Mbit.
Memory is always around 60%, Sessions around 1.500 and CPU at 3%.

The only noticable "reaction" of the Zyxel during filetransfer is a rise of the CPU to 10%.
The only neccessary rule is a Security Policy Route, allowing VLAN-VLAN-traffic.

My question:
Is there a (hardware- or software-)limitation in the USG210 concerning VLAN-VLAN-traffic-speed?

Regards,
John

(I already posted this yesterday, but for whatever reason, the post got deleted after I tried to add tags)

Accepted Solution

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,361  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @John_A  

    Speed is perfect when client and server are belonging to same VLAN.

    It is because the traffic is forwarding on switch directly but not forwarding to USG.

     

    If you move server to different VLAN, the destination are belonging to different IP subnet so the traffic will route by USG.

    USG will check the IP header and route to correct destination, so the CPU loading will higher than before.

    As your test scenario, transmitting the traffic by 1 session the performance is very close to test result.

  • John_A
    John_A Posts: 2
    First Comment
    Thanks for the reply, Stanley.

    So, if I understand you correctly, my 280 MBit/s for InterVLAN-Speed is already the maximum for one session?

Security Highlight