A. THE BUG/ISSUE (Varies from issue to issue)
Can you reproduce the problem & if so how reliably?:
100%
If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1: set MTU to larger than 2026 (in Windows and Ubuntu, accordingly)
2: copy a large amount of data (=one several GB-sized file or many smaller ones with a similar total size) from Windows with CIS → Ubuntu via SMB or NFS or plain FTP
One or two sentences explaining what actually happened:
Copy processes stall and timeout; unexpected error on SMB, ECONNABORTED on FTP, something similar in NFS.
Even with MTU <=2026, file transfers don’t fail, but are slow (20-30 MB/s, fluctuating wildly) instead of expected 100+ MB/s
One or two sentences explaining what you expected to happen:
successful & fast copy of files
If a software compatibility problem have you tried the advice to make programs work with CIS?:
n/a
Any software except CIS/OS involved? If so - name, & exact version:
n/a
Any other information, eg your guess at the cause, how you tried to fix it etc:
I guess the real info goes here.
I have two 10G nics (Aquantia-based ASUS XG-C100C), one in an Ubuntu 21.04 server and another on Windows 10 x64 with latest (12.2.2.8012) CIS. This NIC can use jumbo frames with MTU sizes up to 16k, however, whenever I enable anything larger than 2040 (as shown in Network Adapter Properties on Windows, actual MTU is 2026), all copies from Windows to Ubuntu stall after a few 100 MB and eventually result in an error (specific to the method of copying). I tried NFS, SMB and plain FTP, all fail 100% of the time. There are no errors at MTU 2026 and less. However, transfer rates fluctuate wildly and are in general much slower than expected - I expect ~100MB/s to a SATA HDD on the Ubuntu server, whereas I’m getting ~30 with periodic fluctuations between 10 and 80. All these issues are solved when the CIS Firewall Driver on the NIC is disabled, and transfer rates jump to a steady 130 MB/s+.
I’ve found a few possibly related outdated topics here on the bug forums, but as far as I understood, those complained about CIS forcing a MTU size of 1500. I don’t have this issue; large MTUs work fine (ping with forced no fragmentation), just longer copies fail.
B. YOUR SETUP
Exact CIS version & configuration:
12.2.2.8012
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
Firewall, device control
Have you made any other changes to the default config? (egs here.):
You mean application FW rules and Global rules? Too many to list, and I suspect, irrelevant. Traffic to Ubuntu server is not restricted.
In the firewall module / advanced / ipv6 filter and loopback filter are ON, rest disabled.
Have you updated (without uninstall) from CIS 5, 6 or 7?:
no, directly installed this version
if so, have you tried a a a clean reinstall - if not please do?:
n/a
Have you imported a config from a previous version of CIS:
no
if so, have you tried a standard config - if not please do:
n/a
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Win 10 Pro x64 20H2 (19042.985); non-admin account; no VM
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
Windows Defender for AV
C. ATTACH REQUIRED FILES (delete this section (section C) after attaching required files)
Always attach the diagnostics file (instructions on how to do this provided here) and the KillSwitch Process List (instructions on how to do that provided here) and put the resulting file in a zip file. Both should then be attached to your post.
Note that additional information may be requested by the processing Moderator.