Is there a way to limit the number of response or captive portal pages, generated by the L3svc process for 1 second?

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

Reply
NikolayDimitrov
L4 Transporter

Is there a way to limit the number of response or captive portal pages, generated by the L3svc process for 1 second?

Hello to ALL,

 

 

I have seen several cases where data plane overutilization may cause the managment plane to crash. In most cases I see the Devsrvr process to commit many times and to restart the L3svc process that uses I think it uses something like nginx as the palo alto firewall logs seem to be nginx related but it could be something else (that is not the important part). What I think it could be is that many HTTP/HTTPS requests cause the web server on the palo alto firewall to generate to many response or captive portal pages and to crash and maybe the Devsrvr is the one between the data plane affecting the managment plane and providing the web pages to the data plane. Is it possible to manually hard code a limit to the response or captive portal pages generated in for 1 second?

 

 

I only found the link below I think this is for limiting the number of captive portal responces for a client to 2 in a second and not a general limit and there is nothing for response pages fo example for blocked traffic by URL category and so on.

 

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users/map-ip-a...


Accepted Solutions
OtakarKlier
Cyber Elite

Hello,

If the CPU's are running too high, I would suggest taking a look as to what is causing the issue. It could be that you have outgrown the size of the device. Also check the code you are running with newer code release notes, you could be hitting a bug.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRTCA0

 

Regards,

View solution in original post


All Replies
OtakarKlier
Cyber Elite

Hello,

If the CPU's are running too high, I would suggest taking a look as to what is causing the issue. It could be that you have outgrown the size of the device. Also check the code you are running with newer code release notes, you could be hitting a bug.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRTCA0

 

Regards,

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!