In the UTM 9 Administration Guide, there's a section (8.1.1) which includes a paragraph on dropped broadcasts. It mentions the Advanced option for logging dropped broadcasts, but I have no need to log dropped broadcasts, so that option is turned off.
It further goes on to say, if I'm reading it correctly, that on broadcast-heavy networks, which mine is, I can increase performance by adding a manual rule to drop broadcasts. It was easy to do, so I tried it, added at the very top as rule #1. For testing purposes, I turned on logging for the rule (normally, I would not have logging enabled for the rule), and discovered that the rule was never being hit.
It wasn't until I went back to the Advanced page and turned on the option to log dropped broadcasts that I started seeing action in the live log for rule #1.
So now I'm confused. It appears to me that the Advanced option to log dropped broadcasts actually does two things -- it logs (or not), AND it drops (or not). Given that, if the option is turned off, does it even make any sense to have a manual rule to log dropped broadcasts? Or, to put it another way, am I correct in thinking that if I'm going to have a manual rule to drop broadcasts, then the advanced option to log dropped broadcasts should be turned on as well? The manual doesn't exactly say that, but it certainly seems so from my testing.
And is it really true that doing this will improve performance?
It further goes on to say, if I'm reading it correctly, that on broadcast-heavy networks, which mine is, I can increase performance by adding a manual rule to drop broadcasts. It was easy to do, so I tried it, added at the very top as rule #1. For testing purposes, I turned on logging for the rule (normally, I would not have logging enabled for the rule), and discovered that the rule was never being hit.
It wasn't until I went back to the Advanced page and turned on the option to log dropped broadcasts that I started seeing action in the live log for rule #1.
So now I'm confused. It appears to me that the Advanced option to log dropped broadcasts actually does two things -- it logs (or not), AND it drops (or not). Given that, if the option is turned off, does it even make any sense to have a manual rule to log dropped broadcasts? Or, to put it another way, am I correct in thinking that if I'm going to have a manual rule to drop broadcasts, then the advanced option to log dropped broadcasts should be turned on as well? The manual doesn't exactly say that, but it certainly seems so from my testing.
And is it really true that doing this will improve performance?