Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Iron

High CPU utilization and traffic DISCARDS_IN

Hello,

 

I noticed appearing a lot of errors on network interfaces type of DISCARDS_IN and 100% CPU usage. 

How i can locate which type of traffic is source of this high CPU utilization? Can is somehow balance CPU usage like devide it between other CPU's ?

 [Expert@hocdmzfw01:0]# fw ctl affinity -l -a -v
Interface Mgmt (irq 76): CPU 0
Interface eth1-06 (irq 59): CPU 1
Interface eth1-03 (irq 139): CPU 0
Interface eth2-01 (irq 171): CPU 0
Interface eth2-02 (irq 187): CPU 1
Interface eth2-03 (irq 203): CPU 1
Interface eth2-04 (irq 219): CPU 0
Interface eth3-01 (irq 235): CPU 1
Interface eth3-02 (irq 60): CPU 1
Kernel fw_0: CPU 11
Kernel fw_1: CPU 10
Kernel fw_2: CPU 9
Kernel fw_3: CPU 8
Kernel fw_4: CPU 7
Kernel fw_5: CPU 6
Kernel fw_6: CPU 5
Kernel fw_7: CPU 4
Kernel fw_8: CPU 3
Kernel fw_9: CPU 2
Daemon fwd: CPU all
Daemon in.aclientd: CPU all
Daemon mpdaemon: CPU all
Daemon cpd: CPU all
Daemon cprid: CPU all

 

Best Wishes!

0 Kudos
2 Replies
Highlighted
Sapphire

I would involve TAC to find that out quickly !

0 Kudos

I assume by discards you mean RX-DRP in the output of netstat -ni.

If you run top and hit "1" do you see that CPUs 0 and 1 (SND cores) are saturated while cores 2-11 (Firewall Workers) are relatively idle?  If so you need to try modifying your split from 2/10 to 4/8 which should make a big difference.

Better yet, please post the results of the "Super Seven" commands https://community.checkpoint.com/t5/General-Topics/Super-Seven-Performance-Assessment-Commands-s7pac...

 

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
0 Kudos