Maxing out Firewall CPU..

5 04 2012

Whilst running a packet capture on my SG82 last night, I started noticing some very strange side effects.. Using my relatively new instance of PRTG, I observed a gradual increase in the number of ‘Down’ states, up to around 200 of them.

They were all for hosts on the other end of a site to site VPN, but the weird thing was that ping connectivity was still there to the hosts that were alerting.

A little investigation identified that the CPU was maxed out, and when that happens, literally the only traffic that passes over a site to site VPN is ping. Stop the packet capture, and the checks recovered.

A bit of real-world that you don’t come across in the reference books!

VM Throughput update

1 03 2012

Definitely runs at the correct speed when going though a device with decent throughput.. My faithful, if not somewhat quirky, Checkpoint SG82 cluster. Result.