E200E-X1 https web management access slow approach

Publication Date:  2013-10-30 Views:  166 Downloads:  0
Issue Description
by using HTTPS access directly through the public network firewall, open the page very slow, but the firewall and IPSec VPN works fine.
Alarm Information
Handling Process
Firewall running "tcp window 1" command. The default number of bytes transferred tcp window is small, so that a smooth web management html file downloaded to the administrator's PC.
Root Cause
1. by using HTTPS access directly through the public network firewall, open the page is very slow, while ping public addresses, there are about 20ms delay, indicating the public network speed is slow, according to the field test, the download bandwidth of about 0.7M, 0.24M upload bandwidth.
2. HTTPS access through the network directly, no bandwidth limits, faster access, no effect, indicating that the device itself does not deal with the problem, there is no performance bottlenecks.
3. HTTPS access the internal LAN network with the existing version of the same model and capture devices simultaneously.

As can be seen from the figure HTTPS traffic to access the device there is a sudden, up to 8M or so, which is bi-directional traffic statistics.
4. for each flow during the visit were analyzed, as shown below:

As can be seen from the figure, HTTPS access devices, there will be a large number of connections, which have an average rate of connection upload reached 2.67M or so.
5. Since the device WEB page for better visualization, the picture contains more relative to Telnet, SSH plain text access a substantial increase in the flow rate in the case of smaller bandwidth, speed, resulting in slower access device WEB page.
6. In summary, since the customer network bandwidth is insufficient, resulting in slower page HTTPS access equipment.
General users require the use of Web-based management, it is recommended when using the site survey upload bandwidth greater than 3M's network speed.