Maximize Throughput on USG40

steve02a
steve02a Posts: 3
Friend Collector First Comment
edited April 2021 in Security
I have a USG40.  I'm wanting to know how to configure this device to get maximum throughput on it.

Some background:
ISP is Comcast with a 250mbps down and 20 up.
GB network switch and all CAT6 cabling

When I run speed tests from various websites w/the USG40 in place, I get speeds that range from 100 down/5 up to 200 down and 15 up.

When I connect a computer directly to the Comcast modem - no router in place, I can test on 10 different sites, and I'll always get 250 down, 280 down, even up to 320 down and 20-22 up.

That tells me there is some overhead w/the router.

Some specs on the router:
Firmware version 4.33 (latest release)
Session control is set to 0 (zero)
I have active licenses for IDP Signatures, AV, anti-spam, content filter, ADP, and security policy control.  However, I am only using AV and content filter.

I have disabled the AV and content filter, but that doesn't speed up anything, so they are re-enabled.

What other settings can I adjust to get better throughput on this device?  The client is ready to upgrade to a 1000mbps down speed.  I know this router won't let them have that top speed or even come close to it.

Thanks in advance for your reply.

All Replies

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @steve02a
    The throughput will be affect when you enable the Firewall or UTM profiles.
    Since the firewall need to check and analyze each packet, therefore,  it will consume numerous performance.
    On my lab, when disable firewall, the throughput is 210Mbp/s. When enable firewall, the throughput will be 155Mbp/s. However, the statistic of throughput may be different by test machine or test process or test environment.
    Charlie
  • PeterUK
    PeterUK Posts: 2,656  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    You could disable the ADP to speed things up.
  • steve02a
    steve02a Posts: 3
    Friend Collector First Comment
    PeterUK said:
    You could disable the ADP to speed things up.

    Sorry, I'm not using ADP.  I have a license for it, but it's not enabled or being used.  I did read through, that would slow down throughput due to packet inspections.
  • steve02a
    steve02a Posts: 3
    Friend Collector First Comment
    @steve02a
    The throughput will be affect when you enable the Firewall or UTM profiles.
    Since the firewall need to check and analyze each packet, therefore,  it will consume numerous performance.
    On my lab, when disable firewall, the throughput is 210Mbp/s. When enable firewall, the throughput will be 155Mbp/s. However, the statistic of throughput may be different by test machine or test process or test environment.
    Charlie

    How do you disable the firewall?  Not that I would - what's the purpose of having a router/firewall if you don't use the firewall - but I am curious to know how to disable it so I can do some testing.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    edited April 2019
    @steve02a
    As I mentioned, the test with "disable firewall" which means connect to internet directly without firewall. Otherwise, when enable firewall feature, the throughput will be affect on every UTM devices.
    The way to disable firewall.
    You can go to Configuration>Security Policy>Policy Control

    Charlie

Security Highlight