I'm experiencing frequent DP CPU spikes of 100% and averages between 80-95% on a PA-2050 Active Active deployment running 5.0.5.
Our configuration is fairly simply with 2 vWire's per box for 2 security zones with async routing between the trust and untrust zones. We have only 5 security policies, with AV, spyware and vulnerability protection security profiles only. These profiles simply "allow" low/info/medium traffic and alert for high/critical and that's about it and a little bit of syslog. No VPN, no USER-ID, no global protect etc.. etc...
However at peak times with around 75-90Mbps of throughput and ~96k sessions reported per PA-2050 we hit 90-100% CPU.
Has anyone else experienced this sort of issue on a PA-2050 as the throughput numbers and session count are below the stated capability for the platform as below or is that simply too optimistic?
Could you please provide below mentioned information.
admin@PA-500> show running resource-monitor >>>>>>>>>>>>>>> current as well as previous CPU history
admin@PA-500> debug dataplane pool statistics >>>>>>>>>>>>>> available/Utilize pools
admin@PA-500> show running logging >>>>>>>>>>>>>>>>> logging rate of this firewall
admin@PA-500>show counter global filter delta yes packet-filter yes >>>>>>>>>>>>>>>> apply this command and verify below mentioned parameter
If any of them is high.
Packets queued for FPGA
Thanks for the Reply,
See attached files:
“PA-2050-1 - show running resource-monitor at time of high CPU.txt” – this was taken at the time of high CPU yesterday.
All the remaining attachments were captured this morning, however all threat protection policies and logging are disabled to avoid having to physically bypass the Firewalls, so the rest of the attachments are after threat and logging were turned off.
I’ve not posed the stats from the 2nd PA-2050 as they are fairly similar to the Active-Primary one.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!