Hey!
I need some advice from you guys on where to look for the problem.
The network diagram looks like this
WORLD -> FG30E ->2x MikroTik -> 3xESXI 1xNAS
Testing the link from FG -> WAN Using the command diag traffictest run -R -c 45.147.210.189 port 5200 I am getting speeds from 600 to 900 Mbits/sec so let's say its OK
Then I test the connection speed between the FG30E nad Debian Server. I set up iperf3 on a debian server and connect to it from FG30E In this case I get speeds from 916Mb/s to 950Mb/s, so MikroTik switches don't slow down the link
In the last step I make iperf3 from the Debian server to the same address as the test with FG30
I have speeds between 4 and 6 Mbps....
I also tested the speed from a NAS server which is not virtual, the same thing happens...
Where to look for the problem because I have no idea anymore....
Hi Lozd
Created on 04-18-2024 06:07 AM Edited on 04-18-2024 06:08 AM
Which FortiOS version?
6.2.16
Do you have any configured traffic shaping policy
No
Do you notice CPU high load when you perform the test
Max 8%
Can you just try the same test but when disabling all security profiles on the related policy (AV, IPS, Cert inspection, ...)
I don't have any policies enabled. The device is already unsupported and I ran it in the lab for virtual machine testing
There is a known issue on the 30Es which match that behavior being tracked under Bug ID 729975.
If you can see packet loss while pinging the LAN interface and directly connected, there is a good chance you are hitting this bug. I would open a case with TAC for this.
Packet loss at 2.5% (test was very short)
Unfortunately we have not purchased support for 30E devices we treat them as Lab equipment
You are probably hitting the issue then. Unfortunately there is nothing config-wise that can solve it. I am not sure if you can ask for an RMA without a support contract.
Do you know ? if it is possible to get the serial numbers of the devices on which this problem occurs?
To be honest I have about 20 pieces of 30E maybe I can choose the one that is OK
Unfortunately, there is no way to track this issue using Serial numbers. However, whenever you notice there is a slow response with internet access or to get into the GUI. You can always open a support ticket to track and isolate if is affected by the bug mentioned above.
He mentioned he does not have support. He has packet loss pinging the FortiGate interface directly so we already know he is hitting this issue.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.