Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-06-2013 08:51 AM
Hello,
As this article's title, I setup a Panorama to collect the logs from a PA-2050.
But, when I complete the integration between Panorama and PA-2050, the CPU percentage of Management Plane become higher.
Before the integration, the MP CPU is lower then 15%. One month later, the average keeps about 59%, sometimes higher then 60%.
But I check the system log and cannot find any question, please give me some suggestions or experiences to troubleshoot it.
I upload an attach file, it's the MRTG graph.
Thanks a lot,
Sample Wu
02-06-2013 09:10 AM
This could be related to log forwarding.
Are you forwarding logs to Panorama?
02-06-2013 09:18 AM
Hi, mschuricht,
Yes, but I didn't see this situation in other PAN firewall that integrated with Panorama.
In normal, the MP CPU should not be so high, right ?
02-06-2013 09:27 AM
It all depends on how much traffic is being seen by the device, how many logs/sec are being forwarded (based on Policy), and is also related to the firewall platform.
02-07-2013 05:13 AM
Hi, mschuricht,
Thanks for your reply, but I'm still confused.
Do you mean that it's may be a normal situation in PA2050 because it's hardware performance limitation when PA2050 must process huge traffic and forward logs at the same time ?
In my uploaded MRTG graph, the traffic became lower and DP CPU was decreasing after 12th January, but the MP CPU still keep in a high percent. How can I do to make the MP CPU become lower ?
Thanks,
Sample
02-07-2013 09:18 AM
Not exactly. I mean that you cannot really compare a PA-2050 deployed in one location with the performance of another in a different location. The traffic passing through the box will likely differ and so will the policy. If you want to do a comparison it should be apples to apples with the same traffic and policy applied.
Can you run "debug log-receiver statistics" to get a sense for how many logs/sec are being processed by the device?
Have you opened a case to have TAC take a look?
02-07-2013 06:07 PM
Hi, mschuricht,
Thank you, I got it.
I have not open a case yet, but I will.
Thanks for your help again, ^_^
Regards,
Sample
02-08-2013 07:13 PM
Also which PANOS version is used?
The PA-2000 series have some issues with mgmtplane which compared to PA-3000 series is much slower which of course could bring you a higher cpu usage. As long as this doesnt reach 100% you should be safe.
There have also been some issues addressed regarding mgmtplane and performance in the later releases of 4.1 and 5.0 series.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
