New Member
May 13, 2017
Solved
High cpu load
- May 13, 2017
- 1 reply
- 6336 views
Hello,
I have 2x Fortigate 200B with firmware v4.0,build0632,120705 (MR3 Patch 8). not too much traffic and sessions: Ca 200 Mb/s , up to 10k ip packets/s , up to 15k active session. I have noticed that sometimes cpu is very high but only user part. It happens mostly, every 5-10 minutes for more less 10-20s but sometimes it takes much more time as You can see on day graph
I did some debug but i can't see nothing wrong. I turn off: snmp access, widget in dashborad, tune tcp timers but without success. Still high cpu user. What can be reason of that? How can i debug this more deeply ? Below some of my ouputs
Big thanks for help
# get system performance status
CPU states: 1% user 25% system 0% nice 74% idle
CPU0 states: 1% user 25% system 0% nice 74% idle
Memory states: 64% used
Average network usage: 72437 kbps in 1 minute, 114673 kbps in 10 minutes, 110949 kbps in 30 minutes
Average sessions: 7546 sessions in 1 minute, 7650 sessions in 10 minutes, 8010 sessions in 30 minutes
Average session setup rate: 195 sessions per second in last 1 minute, 190 sessions per second in last 10 minutes, 194 sessions per second in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 162 days, 22 hours, 23 minutes
# get system performance status
CPU states: 73% user 26% system 0% nice 1% idle
CPU0 states: 73% user 26% system 0% nice 1% idle
Memory states: 64% used
Average network usage: 60414 kbps in 1 minute, 111938 kbps in 10 minutes, 109509 kbps in 30 minutes
Average sessions: 7830 sessions in 1 minute, 7743 sessions in 10 minutes, 7980 sessions in 30 minutes
Average session setup rate: 193 sessions per second in last 1 minute, 189 sessions per second in last 10 minutes, 193 sessions per second in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 162 days, 22 hours, 25 minutes
# get system performance top
Run Time: 162 days, 22 hours and 25 minutes
7U, 29S, 64I; 1009T, 322F, 90KF
initXXXXXXXXXXX 1 S 0.0 1.1
cmdbsvr 49 S 0.0 3.7
zebos_launcher 71 S 0.0 1.2
uploadd 72 S 0.0 1.1
miglogd 73 R 0.0 2.7
miglogd 74 S 0.0 1.1
httpsd 75 S 0.0 1.8
nsm 76 S 0.0 0.3
ripd 77 S 0.0 0.2
ripngd 78 S 0.0 0.2
ospfd 79 S 0.0 0.2
proxyd 80 S 0.0 1.1
ospf6d 81 S 0.0 0.2
wad_diskd 82 S 0.0 2.4
bgpd 84 S 0.0 0.2
isisd 85 S 0.0 0.2
proxyacceptor 86 S 0.0 0.1
pimd 89 S 0.0 0.2
imd 90 S 0.0 1.4
ipsmonitor 92 S 0.0 1.1
# show
config system global
set admin-scp enable
set admintimeout 480
set fgd-alert-subscription advisory latest-threat
set gui-ipv6 enable
set hostname "FG200B3911111111"
set refresh 5
set service-expire-notification disable
set strict-dirty-session-check disable
set tcp-halfclose-timer 30
set tcp-halfopen-timer 30
set tcp-timewait-timer 10
set timezone 29
set tos-based-priority high
set udp-idle-timer 60
end
# diag sys session stat
misc info: session_count=8350 setup_rate=270 exp_count=4 clash=1556704
memory_tension_drop=0 ephemeral=0/57344 removeable=0 ha_scan=1095
delete=0, flush=0, dev_down=0/0
TCP sessions:
4 in NONE state
1930 in ESTABLISHED state
499 in SYN_SENT state
7 in SYN_RECV state
16 in FIN_WAIT state
637 in TIME_WAIT state
429 in CLOSE state
170 in CLOSE_WAIT state
firewall error stat:
error1=00000000
error2=00000000
error3=00000000
error4=00000000
tt=00000000
cont=00000000
ids_recv=00000000
url_recv=00000000
av_recv=caa507cd
fqdn_count=00000002
tcp reset stat:
syncqf=6319606 acceptqf=11167 no-listener=23653603 data=1 ses=76629 ips=0
global: ses_limit=0 ses6_limit=0 rt_limit=0 rt6_limit=0