ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

Unpredictable latency: how to diagnose/repair?

12.27.11   |  
‎12-27-2011 09:04 AM

We've been having unpredictable latency issues with our web application server, which is behind an SSG5 firewall box running ScreenOS 6.2.  I've narrowed down the issue to network latency, not server application latency, as the web server responds promptly to requests when it receives them (I logged the initial request time versus the time to send a response, it's reasonable), and the application programs do not take very long to run.  What I'm seeing is a variable delay, sometimes less than a second, other times upwards of 30 seconds, between when the web browser sends a request and when the web server first receives it. 


I'm suspicious that this might be a "buffer bloat" issue; the chaotic latencies match the symptoms described in Gettys' papers on the subject.  Unfortunately, while I'm comfortable with the basics of ScreenOS, I don't have intimate knowledge of its internals, so I wouldn't know how to find the stats for the interface transmission buffers, much less change their sizes.  Is there a way to check this, and possibly configure the router's buffers to a smaller size?


Avi Blackmore

Head Programmer/System Administrator

Agri ImaGIS Technologies, Inc.