We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

Files appear to download very slowly, and may finish only being a few kilobytes big

  • Type: Knowledgebase
  • Date changed: 6 months ago
Solution #00005327

 
Scope:
This solution replies to:
- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x
- netfence firmware versions 4.2.x

 
Symptoms:
With the Trickle Feature active, downloads in the client browser appear to be extremely slow (Data Trickling) or standing still (Data Trickling disabled, only Header Trickling) for a while and then suddenly speed up, or cancel while leaving only a small file behind saved to the client.


Solution:
Due to the technical limitations of utilizing an anti-virus scan on downloads over a web proxy, the file has to be fully downloaded onto the proxy itself before the AV scan can proceed.
In the meantime, the proxy will forward a small early amount of data to initialize the download on the client browser, followed by tiny packets to keep the download alive. Once the AV scan has successfully completed, the file will be sent to the client browser, at which point the speed will increase.
Should the file be rejected by the scanner for whatever reason (such as containing a virus, or configuration settings of the AV service), the trickle download to the client browser will be stopped, while the client saves the small piece already received. The reason it was rejected can be found in the AV log on the netfence system.
Since the scan cannot begin before the download is completed (especially with archives, as they need to be extracted first), the pieces forwarded contain unscanned data. Due to security reasons the maximum size for that is limited.

The issue is solely subjective on the side of the user. They believe the initial slowness, and thus the estimated time left shown in the browser will not change, and possibly cancel the download before it is finished. Care has to be taken to inform them that this is not the case.
The actual download speed itself is not affected, and happens at the full speed the connection and traffic shaping rules allow.


Note:
Data Trickling is not possible with HTTPS-downloads over Secure Web Proxy.


Link to This Page:
https://campus.barracuda.com/solution/50160000000IKbwAAG