Skip to main content
Vasiliy
Vasiliy
New Member
July 15, 2016
Question

proxyd overload my device

  • July 15, 2016
  • 1 reply
  • 8192 views

Hello! I Use FortiGate-60D with 5.2 GA. I have situation when some thing in my network (how I think from one of my users computer) overload my fortigate device during workday. I enter command diag sys top-summary '-s mem' and see that service PROXYD have high load (~70% CPU) every 30 minutes for 1-2 minutes. During that time all users can't use internet or email (they are extremely slow or don't work) Can I see more detailed what load that service? How? Thank you!

    1 reply

    Vasiliy
    VasiliyAuthor
    New Member
    July 19, 2016

    The answer is: i has corrupted POP3 connection from one of my computer, when user try to establish it all Fortigate device was loaded to 100% until connection close by timeout. Next time outlook try to connect (between 30 minutes or user manual by pressing "F9" to refresh) device again was loaded. I found user, clean remote mailbox, and all back to normal state!

    Big_Abe
    Big_Abe
    New Member
    October 21, 2016

    How did you find the source of what was overloading your proxyd?

     

    I currently have one of my fortigates doing the same thing and nothing obvious that myself, or the TAC could find.  :\  Yet it spikes over 95% and starts failing open, or I have to reboot. 

     

    Cheers. 

    Vasiliy
    VasiliyAuthor
    New Member
    October 21, 2016

    Hello Abe!

     

    First I use command "diag sys top-summary '-s mem'" (without ") to look after proxyd process, then I try to find out how often I have this high load, after I found that I have this bad connection every 30 minutes I try to remember what exactly in my home network scheduled to every 30 minutes connection, almost immediately I remember that I have only one software that have connection every 30 minutes to internet - Outlook. At lunch I check every computer in network for connection and find what computer have bad Outlook request (start mail exchange and back to my workplace to check is that connection bring high load).

     

    So! First - check time period! Second - find software what have that period connection! Third - find the PC!

     

    Hope that clear to you, sorry for bad language! ;)

    Terms & ConditionsAccessibility statement