Network performance when introducing powerconnect 6224

Question

HI, I wanted to see if anyone has an idea on what may be going on. I manage a small network, and I have a edge router that Verizion manages, and it used wire directlly into my untrusted port on my Juniper firewall.  I decided that I would like to put an IDS monitor on the link between my external router, and the firewall.  I had an older 6224 sittingaround, so I used port 1&2 on that switch to wire into my router and firewall.  Both ports are on VLAN 1(untagged).  I setup another port for my SNORT server to sit on promiscious mode.  I setup DELL mirroring from port 1&2 over to my snort port.  I have done all this and the basic functionality is working.  I'm getting a number of complains about the performance of the network has diminished.  I'm trying to debug if there is something set in the switch that is causing this problem.  I web'ed into the management port on the switch to see if I could see anything.  I looked at the 2 ports in question, and both seem to be set to max speed, which I assume wil lbe 100MBs.  Since we only have a DS3, that should be fine.  Does Mirroring introduce a lot of delay? The one thing I do see is that the ports on the switch are more of an amber color, versus a green.  The snort port is green.  I'm not sure if that is showing me something? I'm not really a networking guy, so I'm a little over my head with this. I see a few other things within the management setup that seems to provide a number of different things to look at.  I'm a little over my head with what type of things to look at for possible culprits for such a simple communication from one port to another.   Any ideas would be welcome.

lcrusher · Answer

Thanks very much for the quick reply. I've noticed that the 2 ports in question are sitting at 1/2 duplex, where another port for the SUN blade that is running the snort is sitting at full duplex. I did load the latest firmware, which was 3.3.7.3. It seemed to load fine. Since I was trying ot get all traffic on the line, I'm not sure that flow based mirroring would ncessarily work.

I had to finally swithc it back, as the performance was dramatic.

I would do DSLreport test with the switch in the mix, and I would get downloads in the 1.3/1.0 MB range. When I wired it directly from Router to firewall, my downloads went to 34 /5 Mb range download/upload. Quite the difference.

I want to gather a plan on what I can realistically try, before taking an outage, and trying this again.

The other issue I found out 15 minutes a go that DELL is telling me that this is EOL back in February, so I can't even buy support for this switch. I like the fact that it is a managable switch, but maybe not the best for running between the firwall and the router.

What do you think.

Networking General

Was this post helpful?