Page 1 of 2 12 LastLast
Results 1 to 10 of 12
  1. #1
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default Slow performance on Untangle

    I've got Untangle running at my home, on a Atom D2550 w/ 2g of Ram, as suggested in numerous posts before. (Link to hardware here)

    However, I've noticed over the weekend while doing some bandwidth intensive tasks that it's adding a pretty heavy overhead to the network. I have a dedicated 100/100 connection at home, and the most I'm able to push though it is about 75/75. I removed Untangle and tested with just a standard machine directly into the modem, and I"m pulling the full 100/100.

    I'm currently running only Firewall, ad blocker, and reports. Just 2 users behind it, so nothing special there. Am I being hardware limited? Something I should test out? That box has 2 Dual Broadcom 57788 nics in it, is it a crappy interface issue?

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,071

    Default

    If you've got 100/100 I think you may need more RAM. Those NICs should be able to push it, but you need real RAM for packet buffers, those operations can't be paged. Untangle is going to sit in a bit more than 1gb of that RAM. The additional 1gb SHOULD be enough but things happen.

    It's more art than science in this realm, but CPU = latency, RAM = throughput... roughly... very roughly.

    At those velocities you honestly could be running out of PCI bus too. That's why my appliances have several, but most desktop boards only have 1 PCI bus everything lives on.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default

    Here is a capture of my current ram usage, during downtime. I've never seen it sit above 1g.

    Or do I need to check via CLI using TOP to get actual use?Image.png
    Attached Images Attached Images

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,098

    Default

    Do you have QoS on? Config -> Network -> Advanced -> QoS . Is the WAN Bandwidth set correctly?
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default

    Quote Originally Posted by jcoffin View Post
    Do you have QoS on? Config -> Network -> Advanced -> QoS . Is the WAN Bandwidth set correctly?
    QoS is off. Wan Bandwidth is set correctly. Should I turn QoS on, and give it a shot there?

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,071

    Default

    If QoS is off the settings won't matter. JCoffin is correct to have you look there though, your performance numbers seem... too round to be a normal performance issue. Your speeds aren't variable at 75mb? They're always in the same place when you run the test?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default

    Quote Originally Posted by sky-knight View Post
    If QoS is off the settings won't matter. JCoffin is correct to have you look there though, your performance numbers seem... too round to be a normal performance issue. Your speeds aren't variable at 75mb? They're always in the same place when you run the test?
    No, 75 has been max. It averages between 64 and 75, which I'd assume is just normal fluctuations. However, if I hook straight up to the modem and bypass Untangle, I'm getting between 95 and 100. So, only difference I can track down is untangle in the middle.

  8. #8
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,071

    Default

    You're going to lose performance thanks to well everything Untangle does, it takes time. It's going to be interesting as we move into an age where 1gb+ data connections are common. You need very special hardware to get to full speed at that level, and the $50 junket routers simply aren't up to the task. Incidentally, most desktop grade hardware solutions aren't either.

    What's up with your design? I'm not sure... I'd have to put some test equipment on both sides of it and floor it to see what its max is.

    Try this:

    Open up a console
    Run this command: /etc/init.d/untangle-vm stop

    Run your test.

    Use /etc/init.d/untangle-vm start to get Untangle to crank up again.

    If you're still at the same speeds when the VM is stopped, your hardware has a cap and you're stuck. If it goes full speed with the VM off, then something in your configuration is causing the slowness. This could also be a hardware limitation, but one that only shows when the UVM is engaged (CPU / RAM limitation).
    Last edited by sky-knight; 11-30-2014 at 04:46 PM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  9. #9
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default

    Looks like it's a hardware cap. Good to know, at least. Time to upgrade! Thanks for the help!

  10. #10
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,786

    Default

    Quote Originally Posted by sky-knight View Post
    It's going to be interesting as we move into an age where 1gb+ data connections are common. You need very special hardware to get to full speed at that level
    It's a long ways down the road yet, but here's to an eventual/inevitable Untangle release with support for GPU off-loading. GPU stream processors are perfect for this kind of work.

    Thinking ahead on this, the challenges are needing to be able to fall back for servers with weak or no GPUs, meaning effectively implementing everything twice, and integrating with third party anti-virus/anti-spam solutions, as needing to go back and forth between GPU and CPU for those packets will kill performance. I guess they could just make sure those rack items that must be done in the CPU are all handled either at the very beginning or very end of the rack app pipeline.
    Last edited by jcoehoorn; 12-01-2014 at 08:54 AM.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 15.1.0 to protect 500Mbits for ~450 residential college students and associated staff and faculty

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2