Skip to main content
sailesh
sailesh
New Member
February 1, 2024
Question

packet dropped issue on fortigate 30E lan ports

  • February 1, 2024
  • 2 replies
  • 3568 views

I'm getting weird issues on Fortigate 30E not just on 1 firewall but on multiple 30E firewall. Issue is i got huge packet dropped at all the lan ports while wan port is working fine. 

is there any solution towards this issue?

2 replies

AEK
SuperUser
AEK
SuperUser
February 1, 2024

Which firmware version?

How do you know packets are being dropped at FG LAN ports?

Any related logs?

AEK
sailesh
saileshAuthor
New Member
February 2, 2024

* I've been using firmware v6.2.10, v6.2.11, v6.2.15 on multiple device, and same issue persist on all firmware.

* packets are being dropped even if we send ping request form same firewall on different lan interfaces of same firewall.

* there's no any suspicious log or high utilization on any lan ports or memories. However could you pleas explain why i'm getting Interrupt message on executing fnsysctl ifconfig:

 

Link encap:Ethernet HWaddr 90:6C:AC:53:99:62

UP BROADCAST MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 (0 Bytes) TX bytes:0 (0 Bytes)

Interrupt:255

AEK
SuperUser
AEK
SuperUser
February 2, 2024

I did a quick search and found that "Interrupt" is the IRQ number associated with the device, something used by CPU, so it is definitely not a kind of error counter.

Since you tried many mature FOS versions and since you have this issue on multiple FG firewalls, my first guess is to check the following:

  • Check if there is traffic shaping policy on your firewalls
  • Using Cat-5 cables for 1Gb links can lead to such behavior
  • Try connect your host directly to your FG and do the test, just to see if the issue is not caused by the switch or other network device
  • Temporarily force link speed to 100Mb and do the test. It may reveal some useful result

I also recommend to open a ticket as @Nishtha_Baria suggested.

AEK
Nishtha_Baria
Staff
Nishtha_Baria
Staff
February 1, 2024

Dear Customer,

 

If you are observing packet drops on your FortiGate it would be best to create a ticket with TAC as an engineer can have look and take some real time debugs and packet capture to get to find the root cause of the issue.

 

-NB

Terms & ConditionsAccessibility statement