I recently upgraded the gateway.
(R80.10 to R80.40 with HFA 89)
The management server of this gateway is version R80.20.
(The R80.20 management server can manage the R80.40 gateway.)
There are issues after upgrade.
1. The count of sessions has been increased.
In almost the same traffic environment, the number of counts has increased compared to the previous version (R80.10).
If I type the command "cpstat -f policy fw | grep conn" 10 times at 1 second intervals it keeps the same count. (This should be changed in real time.) But if I type CPview or "fw tab -t connections -s" command, it changes in real time.
Global setting of Session Timeout is the same as before. (R80.10)
Are there any changes to the mechanism for counting sessions in R80.40?
2. The fw_full process is too busy.
The gateway model is the CPAP 23800 model.
1) 1.5 ~ 2 Gbps
2) 2,500 ~ 3,000 CPS
3) 200,000 ~ 250,000 PPS
4) 250,000 ~ 300,000 Sessions
The fw_full process shows 100% usage every 10-20 seconds.
This gateway uses IPS and FW blades.