Slow throughput of tftp traffic through FWSM

APatotski · ‎03-18-2013

I have FWSM ver 3.2 (L2 multiple contexts).

We get a very low performance for tftp traffic. We are implementing remote boot for PCs. TFTP server is behind the firewall. The throughput of tftp is about 0,5 - 2,5Mbps depending on the inspection of TFTP is on or off.

The same file is downloaded with windows file sharing protocols 100 times faster.

What are the reasons?

Thanks.

jocamare · ‎03-18-2013

Can you provide a copy of the configuration?

Is TFTP the only "affected" protocol?

Julio Carvajal · ‎03-18-2013

You will need to run some captures in order to determine the Round Trip Time, this will let us know if the FWSM is the one causing latency on the network.

Regards,

Julio Carvajal

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

APatotski · ‎03-25-2013

We have been tried a few tests. Below are some of the results:

The file of 100 Mb was transmitted without FWSM by tftp for 29 sec.

The same file of 100 Mb was transmitted with FWSM (tftp inspection is off) by tftp for 62 sec.

Sniffer shows that every packet is 1408 byte. Each packet is acknowledging during transmission.

So the file of 100MB is transmitted with using 100000000/1408 =71000 packes.

33sec/71000 = 0,46 ms – this is two way delay introduced by FWSM. One way delay is 0,23 ms.

Is it normal delay or not?

jocamare · ‎03-26-2013

Want to confirm it?

Try to capture the same traffic on both FWSM interfaces, then determine the time it took some of the packets to traverse the unit by checking at the time the packet reports it was captured.