With the blades you have enabled, nothing in your Check Point firewall policy/feature config should be causing the performance effect you are seeing.

Sounds like the subnet mask on your firewall's external interface is not matching what your ISP has for you on their router, a /31 ( is 2 total addresses not 8.  If you are set for a /31 and your ISP is set for /29 (, the "good/fast" addresses probably fall within your /31 while the slow ones fall outside that.  In that case the ISP router may be proxy ARPing for every address on the Internet for your slow addresses which will cause some problems.  You may also be stepping on the addresses assigned as the network number (old broadcast - lowest IP address in the range) for your subnet, as well as the broadcast (highest IP address) which may cause a variety of nasty broadcast storm-type effects that impact performance.

Depending on your ISP they may have given you two Internet-routable netblocks: a small WAN/transit netblock (like a /30) that should be implemented between your firewall's external interface and their router, and another larger LAN netblock (like a /29 or /28) that will be routed by the ISP across the WAN netblock for transit to your firewall.  Feel free to PM me the information your ISP gave you as far as Internet-routable addresses they assigned you, and the external interface configuration of your firewall with no redaction.  I wouldn't recommend posting that info publicly.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
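
The mask-mismatch reasoning in the reply above, as an added example that is not part of the original post: it classifies every address in the ISP's block by role and by whether it falls inside the firewall's configured mask. The addresses are constructed from the 203.0.113.0/24 documentation range, and the function names are hypothetical.

```python
import ipaddress


def audit_mask_mismatch(fw_iface, isp_block):
    """Map each address in the ISP's block to (role, view from the firewall's mask)."""
    iface = ipaddress.ip_interface(fw_iface)   # address/mask set on the firewall
    block = ipaddress.ip_network(isp_block)    # prefix the ISP router is using
    if iface.ip not in block:
        raise ValueError(f"{iface.ip} is not inside {block}")
    report = {}
    for addr in block:                         # iterates all addresses, not just hosts
        if addr == block.network_address:
            role = "network-number"            # lowest address in the range
        elif addr == block.broadcast_address:
            role = "broadcast"                 # highest address in the range
        else:
            role = "host"
        scope = "inside-fw-mask" if addr in iface.network else "outside-fw-mask"
        report[str(addr)] = (role, scope)
    return report


def flag_addresses(report, in_use):
    """Return only the in-use addresses the mismatch puts at risk, with reasons."""
    flagged = {}
    for addr in in_use:
        role, scope = report[addr]
        issues = []
        if role != "host":
            issues.append(f"assigned to the {role} of the ISP block")
        if scope == "outside-fw-mask":
            issues.append("outside the firewall's mask")
        if issues:
            flagged[addr] = issues
    return flagged


if __name__ == "__main__":
    # Constructed sample: firewall set to a /31, ISP router set to a /29.
    report = audit_mask_mismatch("203.0.113.2/31", "203.0.113.0/29")
    for addr, (role, scope) in report.items():
        print(f"{addr:<14} {role:<15} {scope}")
    # Constructed list of addresses in use on the firewall (interface, NAT).
    in_use = ["203.0.113.2", "203.0.113.3", "203.0.113.5", "203.0.113.7"]
    for addr, issues in flag_addresses(report, in_use).items():
        print(addr, "->", "; ".join(issues))
```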
