Upload through the ProxySG could be slower compared to without ProxySG due to smaller TCP Window Size

book

Article ID: 167098

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

Uploads through the ProxySG could be slower compared to without proxy due to TCP Window Size

Due to compatibility issues with network devices that do not support RFC-1323, SGOS running the following versions and above will only selectively enable RFC-1323:
- SG 5.4.5.1
- SG 5.5.4.1
- SG 6.1.2.1 and newer SG 6.x versions

Earlier versions have RFC-1323 enabled with the TCP Window Scale value of 6.

When RFC-1323 is not enabled or enabled but uses the Window Scale value of 1, it could render the upload process slower due to network latency and SG not able to utilize the larger TCP Window.

Resolution

To overcome this, with the possibility of failure in accessing sites that do not support the Window Scale TCP Option used by RFC-1323, ensure RFC-1323 is enabled, increase the TCP Window Size appropriately. Restart the ProxySG if the settings do not take effect.

SG200#config terminal
Enter configuration commands, one per line.  End with CTRL-Z.
SG200#(config)tcp-ip rfc-1323 enable
  ok
SG200#(config)tcp-ip window-size ?
 <window size>
SG200#(config)tcp-ip window-size 393215
  ok
SG200#(config)exit
SG200#disable

The default value is 65535

The maximum acceptable value is 4194304