High latency when connecting to AWS Console through ProxySG/ASG
search cancel

High latency when connecting to AWS Console through ProxySG/ASG

book

Article ID: 249380

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

General slowness or high latency is observed when connecting to AWS Console through ProxySG.

Cause

Packet capture taken on ProxySG shows that AWS Console(Destination) is advertising small TCP Window sizes:

 

It's due to the fact that ProxySG is not configured to use TCP Windows Scaling(RFC1323).

Resolution

To enable Windows Scaling on ProxySG:

  • RFC-1323 has to be Enabled in configuration and TCP window size is set higher than the default of 65535 bytes:

ProxySG>enable
Enable Password:
ProxySG#config t
Enter configuration commands, one per line.  End with CTRL-Z.
ProxySG#(config)show tcp-ip
  RFC-1323 support:             enabled
  TCP Newreno support:          enabled
  IP forwarding:                enabled
  ICMP bcast echo response:     disabled
  ICMP timestamp echo response: disabled
  Path MTU Discovery:           disabled
  TCP silly-window avoidance:   enabled
  Routing algorithm:            weighted-round-robin
  TCP 2MSL timeout:             120 seconds
  TCP window size:              2031585 bytes
  TCP Loss Recovery Mode:       normal
  Bypass connection keep-alive: disabled
  Fast retransmit:              enabled
  Fast TCP FIN_WAIT_2 recycle:  disabled
  SCPS link bandwidth:          (not configured)
  SCPS interface:               (not configured)
  SCPS link rtt:                (not configured)
  SCPS processing:              Disabled

 

 

Additional Information

Powered by Wolken Software