I'm working on a high-availability setup with two SonicWall NSA4650 firewalls and have two ISPs. I'd like to dedicate one ISP for general internet traffic and the other specifically for my Azure Tunnel. Right now, my setup uses BGP and static routes, but I'm suspecting there's an MTU issue that's causing the tunnel to be slower than expected. I'm considering changing my firewalls and would appreciate any recommendations on the best setup for this configuration.
1 Answer
Before diving into hardware changes, how are you measuring the slowness you're experiencing with the tunnel? It might be worth double-checking that metric first. It can help narrow down whether it’s a configuration issue or a performance problem with the firewalls themselves.
I’m running tests with Iperf, and I'm getting about a third of my download speeds while connected to the tunnel. However, when I bypass the tunnel and test on public IPs, my speeds max out.