Hello community,
I have an issue with my Cisco SG300-52 when it's used as a device for inter-VLAN routing. The switch is set to L3 mode, has some VLANs with IP addresses for routing (.254) created and should do the routing between VLANs. The switch also has a default route to a NAT router, which basically seems to work.
The problem now is when I want to do the routing as follows:
- Client in VLAN 110: 192.168.110.0/24 (DHCP enabled from switch)
- Client in this VLAN 110 gets GW address by DHCP = 192.168.110.254 (which is the virtual address of the VLAN interface)
- next hop per default route is the NAT router (VLAN 100 virtual interface on switch = 172.19.1.1/24)
- NAT router has IP address 172.19.1.2/24 (I know, mask can be shortened)
- NAT router has the route backwards to 192.168.110.0/24 and other VLANs
- Problem is the same in all VLANs
Basically this all works, but if I connect a computer directly to the NAT router I have full line speed (50.000 mbit/s) as expected. When trying the same speed test from the clients in VLAN 110, the routing works but the speed is ~2000-10.000 mbit/s, going up and down very much, and I am also getting SSL errors on well-known pages like https://ubuntu.com
A simple ping -t to my gateway address (in SG300) on the clients is already showing me that there's something strange going on, but I don't know where to search. The ping (directly connected to SG300, cables already exchanged) should be <=1ms constant to the default gateway (VLAN IP for routing), but it's going up and down between 1ms and 10 ms, sometimes going up to 30ms. I haven't set up Wireshark with a port mirror yet, just for time reasons.
But maybe some of you guys have ideas about what I could check? I can't imagine that the SG300 is such a bad device.
Thanks for your advice/help in advance!
Markus