Hi everyone,
I could use some help today. We're experiencing some unusual WAN latency issues.
We have a setup using a pair of FortiGate-120G and FortiGate-100F devices with a WAN configured in LACP with 2x1Gb links. The network connection is structured as follows:
WAN ISP (LACP 2x1Gb) <----> 120G (in Transparent mode on VDOM) <----> 100F <----> LAN
When our WAN traffic increases, we notice a rise in latency, particularly visible with ping probes. Could this be an issue with the ISP, a security profile, or something related to NPU offloading or ASIC processing?
Thanks
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Johnathan,
Thanks for your response. After some test, if I reduce the bandwidth around 500Mbps the latency is now "normal". Between my environnement and my FAI, I have two 1GB link with copper (connected on 10Gb switches). I suspected the copper medium to be the bottleneck because latency is high when traffic reach 1Gb on one interface.
I would assume that you would be able to ping towards the internet on each hop to see where the latency actually lies. For example, if you are able to ping with good latency while the issue is occurring on the 120G, it is probably not the ISP and is either that device or something downstream causing the issue.
Depending on what security features you have enabled and what inspection mode the policies are in, it can introduce some more latency. Are you able to show us the relevant policies on the 120G and 100F?
Hi Johnathan,
Thanks for your response. After some test, if I reduce the bandwidth around 500Mbps the latency is now "normal". Between my environnement and my FAI, I have two 1GB link with copper (connected on 10Gb switches). I suspected the copper medium to be the bottleneck because latency is high when traffic reach 1Gb on one interface.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.