500 gig symetrical bandwidth increase

Author
matanood
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/09/11 11:18:06
  • Status: offline
2019/11/06 11:08:46 (permalink)
0

500 gig symetrical bandwidth increase

I recently purchased a fortinet 200E and copied the config from my 100E. My 100E had a 100 gig symetrical line on it. My 200E now has a 500 gig symetrical line on it but I'm only getting 120/350 on my speed test. I've checked traffic shaper policies but I couldn't find anything that would give me the maximum bandwidth.

Anyone have any ideas?

Thanks
#1

4 Replies Related Threads

    Dave Hall
    Expert Member
    • Total Posts : 1531
    • Scores: 167
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    Re: 500 gig symetrical bandwidth increase 2019/11/06 14:35:17 (permalink)
    0
    How is the 200E connected to the new line - through the RJ45 WAN ports or the SFP ports?  By 500 gig symetrical line, I assume you mean a 500 Mbps symmetrical connection. 
     
    I would suspect possible duplex/speed mismatch between the 200E and the device on the other side of that 500 gig  connection - on the 200E perform the following commands on the CLI:
     
    diag hardware deviceinfo nic <interface name>
     
    where interface name is the 500 gig connection - look for the duplex/speed lines and any rx/tx counter errors - if there are any counter errors, perform the same commands in say 5-10 mins and see those counter errors increase.
     
    If you are no sure of the interface name, enter "diag hardware deviceinfo nic" without the interface name to get a list of interface names. 
     
    The fgt can only connect to the other side based on set rated speeds (eg. autonegotiation).  you can check the possible detected duplex/speed options of an interface by typing the following on the CLI:
     
    config system interface
     edit <interface name>
     set speed ?
     
    The output would be similar to the following:
     
    auto        Automatically adjust speed.
    10full      10M full-duplex.
    10half      10M half-duplex.
    100full     100M full-duplex.
    100half     100M half-duplex.
    1000full    1000M full-duplex.


    I would also check or confirm the equipment on the other side of that 500 gig connection is set up properly.
     

    NSE4/FMG-VM64/FortiAnalyzer-VM/5.4/6.0 (FWF40C/FW92D/FGT200D/FGT101E)/ FAP220B/221C
    #2
    matanood
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/11 11:18:06
    • Status: offline
    Re: 500 gig symetrical bandwidth increase 2019/11/06 20:25:49 (permalink)
    0
    Thanks Dave. I will try as you suggested.

    It's connected through the rj45
    And yes I meant a 500Mbps symetrical line :)
    I have confirmed the other side already works properly.
    #3
    matanood
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/11 11:18:06
    • Status: offline
    Re: 500 gig symetrical bandwidth increase 2019/11/06 20:47:59 (permalink)
    0
    I changed the wan port to each of the duplex settings and ran a test each time I changed it and no settings helped. I'm still getting similar speeds. Do you think it's a traffic shaper setting or my rj45 cable?

    Thanks
    #4
    Dave Hall
    Expert Member
    • Total Posts : 1531
    • Scores: 167
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    Re: 500 gig symetrical bandwidth increase 2019/11/07 10:29:34 (permalink)
    0
    The duplex/speed of the devices at both sides of that WAN connection should be left at auto negotiation.  No actual need to adjust the duplex/speed on the fgt side unless you see any rx/tx error counters increasing on the port (via diag hardware deviceinfo nic <interface name>).
     
    For a 500 Mbps symmetrical line connection, the WAN port connection to the WAN device should be at least showing 1000M full-duplex (if I am not mistaken).
     
    Traffic shaping is generally not used/applied to the WAN connection - you may be thinking of rate-limiting. (Traffic shaping is mainly applied via firewall policy rules).  
     
    On the GUI, check the WAN <interface> connection and see if the Estimated Bandwidth values are set - if not, you should set them according to the expected bandwidth.
     
    Keep in mind that applying various UTM features (via firewall polices) will slow down your device connection (behind the firewall) based on the traffic and amount of packet inspection involved. 
     
    When it comes down to it, you need to first confirm/determine if there is a connection/speed or other factors involve and the best way to do that is direct connect your laptop directly to the ISP equipment and run speeds tests that way.
     

    NSE4/FMG-VM64/FortiAnalyzer-VM/5.4/6.0 (FWF40C/FW92D/FGT200D/FGT101E)/ FAP220B/221C
    #5
    Jump to:
    © 2019 APG vNext Commercial Version 5.5