Sonicwall NSA 220 routing performance is less than I expected. It is just doing routing - no content filtering (the system is out of support).
My test setup: two laptops, each with 1 gig NICs. The first is plugged into X0 and the second is plugged into X2. X2 is in the LAN zone but on a different subnet.
When copying a 4 gb file between laptops I get about 14 MB/s or 112 megabits / sec, according to the Windows file transfer dialog box.
If I plug both laptops into an unmanaged switch and set IP address to the same subnet I get about 90 MB/s or 720 megabits / sec when copying the same file.
The NSA 220 spec says it should have a statefull inspection throughput of 600 mb/s so why do I get only 112 mb/s with no content inspection? I could imagine that Sonicwall exaggerates a bit, but not by 5x?
What am I missing?
After speaking with Sonicwall support I've found that fw 5.9 added a LOT of overhead. Moral of the story is to buy a faster firewall than you expect to need since future security updates will slow it down.