Intrusion Prevention is killing router performance

Topics pertaining to SRM usage, usability and management
Forum rules
We've moved! Head over to Synology Community (community.synology.com) to meet up with our team and other Synology enthusiasts!
Boo_hoo
I'm New!
I'm New!
Posts: 4
Joined: Sun Mar 18, 2018 12:45 am

Re: Intrusion Prevention is killing router performance

Unread post by Boo_hoo » Tue Mar 20, 2018 1:44 am

pepeEL wrote:For me this app slowdown speed internet... after uninstall speed wan is ok.
I had the exact same experience with the intrusion detector in prevention mode. My download(wan) speed dropped from 30MB/s to 8MB/s. The detection mode does not appear to affect speeds.
Is there a way to add exceptions for Ip addresses or applications?

chrysek
Beginner
Beginner
Posts: 22
Joined: Mon Jan 31, 2011 2:58 pm

Re: Intrusion Prevention is killing router performance

Unread post by chrysek » Wed Mar 28, 2018 8:36 pm

Boo_hoo wrote:
pepeEL wrote:For me this app slowdown speed internet... after uninstall speed wan is ok.
I had the exact same experience with the intrusion detector in prevention mode. My download(wan) speed dropped from 30MB/s to 8MB/s. The detection mode does not appear to affect speeds.
Is there a way to add exceptions for Ip addresses or applications?
I had the same issue, had to disable it as it was just unbearable slow :(

wutikorn
I'm New!
I'm New!
Posts: 7
Joined: Thu Mar 23, 2017 3:25 pm

Re: Intrusion Prevention is killing router performance

Unread post by wutikorn » Fri Mar 30, 2018 4:57 am

rolandrat wrote:I swapped my usb3 stick to a SSD usb3 disk and im finding the performance to be totally fine with IPS set to drop - its been running 24hrs now with no loss of connection.
Ive loaded the gui from time to time and each time it appears responsive and totally fine.
When you set to drop, what perfermance/speed bandwidth are you able to acheive? Over 100Mbps?

EdK
Beginner
Beginner
Posts: 29
Joined: Mon Feb 21, 2011 8:15 am

Re: Intrusion Prevention is killing router performance

Unread post by EdK » Sat Jul 28, 2018 12:19 am

Just for some updates and current real internet speed test numbers for RT1900ac router with IPS (Intrusion Prevention Service) running in "Prevention Mode" vs. Turned off for a slow and a fast SD Card and a USB3 HDD.
>>I have no data on "Detection Mode" or how it might be different.

Setup:
Wireless router mode with Smart Connect enabled
SRM firmware = 1.1.7-6941 Update 1
IPS version = 1.0-1002
Default IPS Signatures - no changes
Firewall on but no filtering
DHCP yes with some reserved addresses
enabled Guest network on 2.4 GHz only
disabled external access
disabled traffic control
Parental control enabled (but none going on during testing)
uPnP enabled (no comment)
Time Machine on attached new 2TB USB3 slim portable drive
USB set to USB2 for reduced interference unless testing as below
no FTP, no download station, no port forwarding, no port triggering, no DMZ, no VPN, no IPv6, no 3G/4G, no second connection to WAN

Baseline: IPS Off - Speedtest.net about 150 down and 15 up (this is stated speed of ISP package so that is fine/typical/expected). Tested with a new 2TB slim USB HDD and 2 different SD cards inserted and system/database tested on each. No difference as long as IPS was not running.

Scenarios:
1. low speed SD memory with USB2 set = IPS On with system/database on old 32GB Class 4 (C4) SD card - 45 MB/s down 15 MB/s up. USB set to 2.0 for reduced interference.
2. low speed SD memory with USB3 set = IPS On with system/database on old 32GB Class 4 (C4) SD card - 45 MB/s down 15 MB/s up. USB set to 3.0.
3. New USB3 2TB HDD with spinning platters with USB2 set = IPS On with system/database on this USB3 2TB HDD - 70 MB/s down 15 MB/s up. USB set to 2.0 for reduced interference.
4. New USB3 2TB HDD with spinning platters with USB3 set = IPS On with system/database on this USB3 2TB HDD - 70 MB/s down 15 MB/s up. USB set to 3.0.
5. New high speed pro 4K video SD card (C10, U3, V30) with USB2 set = IPS On with system/database on this high speed SD card - 70 MB/s down 15 MB/s up. USB set to 2.0 for reduced interference.
6. New high speed pro 4K video SD card (C10, U3, V30) with USB3 set = IPS On with system/database on this high speed SD card - 70 MB/s down 15 MB/s up. USB set to 3.0.

Overall/Final Results? My RT1900ac with IPS running currently tops out at about 70-75 MB/s once a minimum memory speed is reached. You can look up SD memory standards - there is specification bifurcation and overlap so C is different than U which is different than V) but from what I understand C4 means minimum 4 MB/s write, C10 means minimum 10 MB/s Write. V30 means minimum 30 MB/s write. I have not tested the speed of my cards.

sushione
I'm New!
I'm New!
Posts: 6
Joined: Fri Jul 27, 2018 8:33 pm

Re: Intrusion Prevention is killing router performance

Unread post by sushione » Sat Jul 28, 2018 12:37 pm

Hi,

I am also very disappointed by this feature, it slowdown my internet speed by more than a x10 factor !

RT2600ac up-to-date, cable internet access 1Gb down - 40Mb up
Tested w/ good quality SD, 3.0 USB key and even external SATA/USB SSD. (with USB 3.0 enabled in DSR)

With Intrusion Prevention enabled :
max 55Mb down - 33Mb up

With Intrusion Prevention disabled :
max >800Mb down - 39Mb up

What's wrong with this software ?
Last edited by sushione on Sun Aug 12, 2018 7:59 pm, edited 1 time in total.

EdK
Beginner
Beginner
Posts: 29
Joined: Mon Feb 21, 2011 8:15 am

Re: Intrusion Prevention is killing router performance

Unread post by EdK » Sun Jul 29, 2018 1:16 am

Wow, that is allot. Mine would sometimes be down at 50-55 MB/s like you but that is the shared nature of cable modems in a neighbourhood. Typically 70-75 MB/s down for about 95% of the time for me.

My understanding is that each packet is inspected beyond the header (header only is shallow) This seems to be a medium inspection (http://tec.gov.in/pdf/Studypaper/White% ... %20DPI.pdf). My guess is, that simply takes processing power and an architecture that this device is simply not designed to manage at those high speeds. I guess unless you have, use, and notice that original high internet speed, many people may simply not see a difference. Browsing, email, Facebook, and Netflix for a couple people in a house doesn't require much.

Maybe CPU cycles are drained off for other processes/services in your case? I must say that IPS is flakey for me though. Stops, says missing external media, deselects system database location etc.

sushione
I'm New!
I'm New!
Posts: 6
Joined: Fri Jul 27, 2018 8:33 pm

Re: Intrusion Prevention is killing router performance

Unread post by sushione » Mon Jul 30, 2018 6:51 pm

Maybe CPU cycles are drained off for other processes/services in your case?
There is only VPN Plus server active but with no user connected.

When Intrusion Prevention is ON, CPU av. is 80% and RAM is 60%
doing a speedtest CPU goes up to 100%
when it's OFF, CPU av. is 20% and RAM 34%

And I am using a good USB 3.0 key 16Gb.

pepeEL
Novice
Novice
Posts: 53
Joined: Tue Nov 11, 2014 8:56 pm

Re: Intrusion Prevention is killing router performance

Unread post by pepeEL » Mon Jul 30, 2018 9:02 pm

I hear that in thirdpart year will be new release FW and he has implement new IPS with speed to 800Mbps...

EdK
Beginner
Beginner
Posts: 29
Joined: Mon Feb 21, 2011 8:15 am

Re: Intrusion Prevention is killing router performance

Unread post by EdK » Sun Aug 12, 2018 1:03 am

That would be nice. Did you hear is that for the rt1900ac and 2300? I wonder what changes or optimizations they did to get that speed out of these little guys. What credence do you give the source?

ikjadoon
Trainee
Trainee
Posts: 14
Joined: Sat Sep 09, 2017 5:37 pm

Re: Intrusion Prevention is killing router performance

Unread post by ikjadoon » Mon Aug 13, 2018 7:09 am

Another user chiming in here about the “failure to launch” for the IPS “feature”. I had a month-long ticket with Synology on IPS, which was causing my router to drop WiFi. Which it probably turns out was just this horrible performance degradation. And yup, I just used a normal Samsung EVO SD card.

I was quite disappointed in their quality control. Don’t understand why anyone would ship such maladjusted software to any consumer.

I don’t think Synology uses IPS on their own routers 😂

We’ll see about 1.2, but if you have the gall to ship it out like that on your flagship route for over a year, I’m not holding my breath.

Oh, well. At least now we know.

rodolgo
I'm New!
I'm New!
Posts: 4
Joined: Fri May 24, 2013 5:23 pm

Re: Intrusion Prevention is killing router performance

Unread post by rodolgo » Mon Aug 20, 2018 7:21 pm

Hi,

Isp raw bandwidth : 500 Mbps/50 Mbps
Router: RT2600.

Intrusion detection off: almost the same is achieved.

Intrusion detection on: 40 Mbps/45 Mbps (peak). Skype for business meetings consistently break after a minute or so.

ID kills performance of the router and the resulting throughput.

IMHO the hardware is not sized for ID.

Turned it off and problem is gone.

Rodolphe

Connected
Student
Student
Posts: 67
Joined: Sun Feb 18, 2018 12:12 am

Re: Intrusion Prevention is killing router performance

Unread post by Connected » Tue Aug 21, 2018 5:39 am

ikjadoon wrote:
Mon Aug 13, 2018 7:09 am
Don’t understand why anyone would ship such maladjusted software to any consumer.
Because ASUS has AIProtection (by Trend Micro), and NetGear has Armor (by Bitdefender), and Synology can kiss off their expansion into routers unless they have a comparable offering. At this point, with IPS, they aren't even close.

With SRM 1.2 they will apparently give IPS a new name ("Threat Protection") and it will become a real (not beta) product. See https://www.youtube.com/watch?v=qBXYh6rn1ug at around 6 minutes in if you haven't already watched it (thanks AVonGauss).

Unless they've done a whole lot of work making IPS a viable product for the average home router consumer, it won't be enough to remain competitive, IMO.
We live in a world of things that mostly sorta work.

Locked

Return to “Installation and Configuration”