I will narrate the issue just so that it can be documented. I hope it can be passed along as far as it needs to be fully resolved. My Gigabit Fiber WAN is very stable and does not fluctuate.SRX5308 Router Problem with LAN<--> WAN throughput. If the router is booted with any firewall rules enabled, throughput is limited to a rather jittery 95 - 120 Mbps down and under 100 Mbps Up. When booted with all firewall rules disabled and nothing else changed, the throughput is very solid and stable 850 - 930 Mbps down and 900 - 950 Mbps Up.This problem is entirely dependent on the boot configuration having any firewall rules enabled. If the router is booted with any firewall rules enabled then the situation persists (after boot I cannot disable and then re-enable rules to fix it). If the router is booted with all firewall rules disabled then I can enable, disable, enable them without having the problem and it persists (throughput is as expected until there is another reboot). No other settings in the router affect the throughput issues. I have experienced this issue with both firmware versions 4.3.0-19 and 4.3.1-22. I did not have the Gigabit WAN Connection before the 4.3.0-19 version. I have set the router back to manufacturer defaults and then restored settings from .cfg file and it has not changed the issue with either firmware versions. I have even restored the defaults and entirely set up all settings manually from scratch on each firmware revision. Nothing changed and it was many hours of wasted time.This is an escalated issue that must have the “bug” resolved as fiber WAN Links can routinely be had over 100 Mbps

Really?I posted the same issue with SRX5308 to two different forums because they both cover that model device.Maybe you should read my post instead blathering extraneous noise.

This is exactly why forums such as this don't work.I posted an incredibly in depth analysis of a deep rooted bug. It is not specific to extraneous scenarios. When you offer nothing but a tack on it is just noise that gets in the way of resolving the problem.This is a problem with SRX5308 and how it boots with firewall rules enabled. The forums list this model under Wired Firewall and VPN device. So I posted the problem to both forums relating to the SRX5308.By all means if you know something please contribute if not please don't offer distractions.

Please don't post the same text in multiple threads and multiple forums. Keep your issue yours. Feel free to comment in other threads, just don't copy and paste your entire issue.

There is no reason to offend Mods. You do not need to post multiple thread of same regardless of you change some phrase somewhere looks like it is not sameIf you need help be humble and follow the policy said. If you you can not then you are in forum to bash people

Yes, 2 different forums, and multiple threads. Post it in one spot and we'll get a look at it. Posting in a bunch of spots, bash mods, and hassling other forum members is not the way to ask for assistance. This is a user forum. We are not Tech Support. None of us work for Netgear. If you are trying to escalate an issue you are having, you are in the wrong place. Contact Tech Support directly via phone or online trouble ticketing. The last sentence of your first post is confusing. "This is an escalated issue that must have the “bug” resolved as fiber WAN Links can routinely be had over 100 Mbps" Did you already escalate the issue and are just letting us know? Or are you making some sort of a demand here on the forum?

SRX5308 Throughput Reduced with Firewall Rules

31 Replies

maier64
Aspirant
Nov 07, 2014
This is frustrating.
After resetting the router to default and restore the settings with firewall rules disabled it worked.
As soon as I turn on those rules it doesn't anymore, and no matter what I do I can't get it to work unless I reset to default again.

Is there anything else I have to do, maybe you could tell me again step by step how it works for you. Something must be different.
TalmageHolt
Guide
Nov 07, 2014
What works for me is to disable every firewall rule, both incoming and outgoing. Every rule must be disabled.

Once all rules are disabled, reboot router. Enable firewall rules after reboot and everything works...
TalmageHolt
Guide
Nov 07, 2014
Keep in mind if the router ever reboots with rules enabled then it will have the problem.

All rules must be disabled during boot and then enabled.
maier64
Aspirant
Nov 08, 2014
But this is exacly whats not working.

I did some further tests:

Reset to default, empty configuration - Everythings okay.
Load settings with all rules disabled - still fine.

But as soon I do anything in the ruleset, no matter what, enable, delete etc. it's not working anymore.
From this moment on nothing helps, reboot with all rules disabled, settings restore, nothing.

If I reset to default alls fine until I do something with the rules.

Such a expensive router and such a crappy firmware.

Are we 2 the only ones with that problem?
eram
Novice
Dec 08, 2014
I had some issues with my SRX-5308 (Router rebooting with no reason ...)

So I've tried upgradging from firmware srx5308_v3.0.7-45 to srx5308_v4.3.1-22

After the good surprise that all my settings ( :confused: in fact a previous copy of oll my settings) has been reloded after upgrade, i had for the fist time the speed limit problem : WAN @ 300Mbs / LAN @ 100MBs

I've reseted the router to factory settings -> speed OK :)
Set some Firewall rules (simple stuff : 2 http; 2 https) -> OK :)
Rebooted -> Speed issue :(

Reloaded backup config (lots of rules) & Reboot :( no more luck
Disabled All firewall rules & Reboot :)
Re-validated rules (no reboot) :) still runnig at full speed

Trick worked but I don't feel secure ...

Nhellie

Virtuoso

Dec 08, 2014

eram wrote:
I had some issues with my SRX-5308 (Router rebooting with no reason ...)

So I've tried upgradging from firmware srx5308_v3.0.7-45 to srx5308_v4.3.1-22

After the good surprise that all my settings ( :confused: in fact a previous copy of oll my settings) has been reloded after upgrade, i had for the fist time the speed limit problem : WAN @ 300Mbs / LAN @ 100MBs

I've reseted the router to factory settings -> speed OK :)
Set some Firewall rules (simple stuff : 2 http; 2 https) -> OK :)
Rebooted -> Speed issue :(

Reloaded backup config (lots of rules) & Reboot :( no more luck
Disabled All firewall rules & Reboot :)
Re-validated rules (no reboot) :) still runnig at full speed

Trick worked but I don't feel secure ...

eram wrote:
I had some issues with my SRX-5308 (Router rebooting with no reason ...) So I've tried upgradging from firmware srx5308_v3.0.7-45 to srx5308_v4.3.1-22 After the good surprise that all my settings ( :confused: in fact a previous copy of oll my settings) has been reloded after upgrade, i had for the fist time the speed limit problem : WAN @ 300Mbs / LAN @ 100MBs I've reseted the router to factory settings -> speed OK :) Set some Firewall rules (simple stuff : 2 http; 2 https) -> OK :) Rebooted -> Speed issue :( Reloaded backup config (lots of rules) & Reboot :( no more luck Disabled All firewall rules & Reboot :) Re-validated rules (no reboot) :) still runnig at full speed Trick worked but I don't feel secure ...

Have you contacted support to see if there is a beta or new FW to fix this issue?

maier64
Aspirant
Dec 09, 2014
Glad that those workrounds work for others, unfortunately it doesn't on mine.
Of course I contacted the suppurt, but since 90 days after purchase are over, they won't help me unless I pay something around 90 Euros.
Screw them.
I bought now a Cisco router, no problems anymore.

Never anything from Netgear again.
eram
Novice
Dec 14, 2014
Nhellie26 wrote:
Have you contacted support to see if there is a beta or new FW to fix this issue?

No, but reading the above comment, i'll also give a try to another brand.

We use 5 Netgear routers, we had issues and strange behaviors with all (SRX & FVX538 Dual Lan), and have equipped our customers with the same products ...

I don't think something like a router (no so complex) should require beta releases years after launch. That's the kind of stuff i'm expecting to work out of the box, without crashing, or having out of specs issues. I've replaced linux boxes by these smaller appliances for more simplicity.

Nhellie26 wrote:
Have you contacted support to see if there is a beta or new FW to fix this issue?

Nhellie

Virtuoso

Dec 15, 2014

eram wrote:

I don't think something like a router (no so complex) should require beta releases years after launch. That's the kind of stuff i'm expecting to work out of the box, without crashing, or having out of specs issues.

eram wrote:
I don't think something like a router (no so complex) should require beta releases years after launch. That's the kind of stuff i'm expecting to work out of the box, without crashing, or having out of specs issues.

I understand, but the purpose of a beta firmware is to fix a specific issue or try out a new feature. Every manufacturer has bugs and issues on their software(s), what I'm just trying to say is to exhaust every possible solution rather than buying new products. Helps you and your company save money.

thepbxkid
Aspirant
Dec 22, 2014
TalmageHolt - you are totally correct in what you are saying. I have 13 of these devices on our corporate network (handling multiple VPN tunnels and external rules).

The performance decreases when you add outbound rules. VPN connections are not totally stable even between the same device on the same MLPS fiber network. The srx5308_v4.3.0-19 firmware works best but the configuration backup issue plays into effect when restoring a configuration file of over 450 kilobytes.

Trust me... I feel your pain. I call netgear support (have you done a factory reset - yes, have you tried reloading the configuration- yes, etc).

Rob

Forum Discussion

SRX5308 Throughput Reduced with Firewall Rules

31 Replies

Related Content

ProSafe Srx5308 Firewall

Bridge 2 Networks with SRX5308 Help

RS700 firewall

Firewall nur für das LAN

LM1200: Throughput

NETGEAR Academy

ProSupport for Business