This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Is there a way to limit the number of response or captive portal pages, generated by the L3svc process for 1 second?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Is there a way to limit the number of response or captive portal pages, generated by the L3svc process for 1 second?

Go to solution
nikoolayy1
L6 Presenter

‎03-04-2021 01:48 PM - edited ‎03-04-2021 01:58 PM

Hello to ALL,

 

 

I have seen several cases where data plane overutilization may cause the managment plane to crash. In most cases I see the Devsrvr process to commit many times and to restart the L3svc process that uses I think it uses something like nginx as the palo alto firewall logs seem to be nginx related but it could be something else (that is not the important part). What I think it could be is that many HTTP/HTTPS requests cause the web server on the palo alto firewall to generate to many response or captive portal pages and to crash and maybe the Devsrvr is the one between the data plane affecting the managment plane and providing the web pages to the data plane. Is it possible to manually hard code a limit to the response or captive portal pages generated in for 1 second?

 

 

I only found the link below I think this is for limiting the number of captive portal responces for a client to 2 in a second and not a general limit and there is nothing for response pages fo example for blocked traffic by URL category and so on.

 

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users/map-ip-a...

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
OtakarKlier
Cyber Elite
Cyber Elite

‎03-08-2021 02:25 PM

Hello,

If the CPU's are running too high, I would suggest taking a look as to what is causing the issue. It could be that you have outgrown the size of the device. Also check the code you are running with newer code release notes, you could be hitting a bug.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRTCA0

 

Regards,

View solution in original post

0 Likes Likes
1 REPLY 1

Go to solution
OtakarKlier
Cyber Elite
Cyber Elite

‎03-08-2021 02:25 PM

Hello,

If the CPU's are running too high, I would suggest taking a look as to what is causing the issue. It could be that you have outgrown the size of the device. Also check the code you are running with newer code release notes, you could be hitting a bug.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRTCA0

 

Regards,

0 Likes Likes
  • 1 accepted solution
  • 1806 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks