× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. November 2005

Re: FTP and file transfer speeds

Chad,
Clearly you are correct in moving to a switch rather than hub environment. Setting the iSeries line description to 100Mbps and Full Duplex are also important. I don't think you have an issue on the connection from the iSeries to the inside network because 9900+ Mpbs is fairly close to full network utilization (12000KBps translates roughly to 100Mbps) You won't get anywhere close to that if the connection is poor. I would still verify that the switch port is also set to 100Mpbs and Full duplex rather than AUTO and AUTO, especially with Cisco or Dell switches. Also verify the current speed and duplex match to the iSeries.
Now the PIX itself will transfer at wire speed but it too can have problems with speed and duplex. So on the Pix do to SHOW INTERFACE and observe the reported speed and duplex for the various interfaces. Then do the same on the switches and observe the ports the PIX is connected to. I have found that even with Cisco switches the dadgum PIX gets it wrong. Usually the speed is correct at 100Mpbs but the duplex on the PIX shows one thing and the switch shows the other. This of course will drag bandwidth down dramatically. Of course it makes sense to verify the speed and duplex of the target server and it's switch port as well. I'll bet you find a mismatch in there someplace and correcting it will bring speeds to the DMZ to within 10% of the inside network. 

 - Larry

ChadB@xxxxxxxxxxxxxxxxxxxx wrote:

Hello all... i'm working on an file transfer speed issue we first noticed
while installing some apps to various iSeries boxes on our network that are
plugged in to various locations/firewall zones.  Through some more detailed
testing, here's what i'm finding.  Originally, the 'slow' interfaces were
plugged in to a 100/half hub that provides connectivity to our DMZ zone on
our Pix 515.  I've since replaced that hub with a 100/full switch and
reconfigured the *LINDs to the new speed/duplex.  Some retransmits on the
various interfaces I was tracking are looking better since the change (2%
now on the DMZ boxes rather than 4% with the hub), but the file transfers
are still showing the 'SLOW' behavior.

I'm now wondering if this is more of a firewall issue than a
hardware/config issue... is file transfer throughput between different
firewall zones impacted this much by a PIX?

Any advice will be appreciated... details are below:


With 100/Full switch in place for DMZ connections:
|-----------------+-----------------+-----------------+-----------------|
|IP Address       |Firewall         |Time to FTP      |Throughput       |
|                 |Zone/Hub/Switch  |(seconds)        |(Kbytes/second)  |
|-----------------+-----------------+-----------------+-----------------|
|a.a.a.a          |Inside           |.95              |7000.15          |
|-----------------+-----------------+-----------------+-----------------|
|b.b.b.b          |DMZ              |34.34            |194.26           |
|-----------------+-----------------+-----------------+-----------------|
|c.c.c.c          |DMZ              |19.23            |346.84           |
|-----------------+-----------------+-----------------+-----------------|
|d.d.d.d          |Inside           |3.55             |1880.78          |
|-----------------+-----------------+-----------------+-----------------|
|e.e.e.e          |DMZ              |18.63            |358.18           |
|-----------------+-----------------+-----------------+-----------------|
|                 |                 |                 |                 |
|-----------------+-----------------+-----------------+-----------------|




With 100/Half hub in place for DMZ connections:
|-----------------+-----------------+-----------------+-----------------|
|   IP Address    |    Firewall     |   Time to FTP   |   Throughput    |
|                 | Zone/Hub/Switch |    (seconds)    | (Kbytes/second) |
|-----------------+-----------------+-----------------+-----------------|
|     a.a.a.a     |     Inside      |       .67       |     9927.29     |
|-----------------+-----------------+-----------------+-----------------|
|     b.b.b.b     |       DMZ       |      13.56      |     491.86      |
|-----------------+-----------------+-----------------+-----------------|
|     c.c.c.c     |       DMZ       |      32.49      |     205.35      |
|-----------------+-----------------+-----------------+-----------------|
|     d.d.d.d     |     Inside      |      2.28       |     2924.66     |
|-----------------+-----------------+-----------------+-----------------|
|     e.e.e.e     |       DMZ       |      23.25      |     286.92      |
|-----------------+-----------------+-----------------+-----------------|

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.