Maxing out Firewall CPU..

5 04 2012

Whilst running a packet capture on my SG82 last night, I started noticing some very strange side effects.. Using my relatively new instance of PRTG, I observed a gradual increase in the number of ‘Down’ states, up to around 200 of them.

They were all for hosts on the other end of a site to site VPN, but the weird thing was that ping connectivity was still there to the hosts that were alerting.

A little investigation identified that the CPU was maxed out, and when that happens, literally the only traffic that passes over a site to site VPN is ping. Stop the packet capture, and the checks recovered.

A bit of real-world that you don’t come across in the reference books!



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: