|
To get more information on Interrupt Affinity, refer to this document:
Interrupt affinity
To view which port/interface has the transmit and receive interrupts, please run the following CLI command:
diagnose hardware sysinfo interrupts
The output for FortiGate VM having 4 CPUs might contain this:
portX-TxRx-0
portX-TxRx-1
portX-TxRx-2
portX-TxRx-3
Sample Output:
FGTVMfw01 # diag hard sysinfo interrupt
CPU0 CPU1 CPU2 CPU3
0: 2 0 0 0 IO-APIC 2-edge timer
1: 9 0 0 0 IO-APIC 1-edge i8042
8: 0 0 0 0 IO-APIC 8-edge rtc
……
56: 2486 277555936 0 0 PCI-MSI 1572864-edge port1-rxtx-0
57: 0 0 0 0 PCI-MSI 1572865-edge port1-event-1
58: 2938515933 2916119929 716640069 0 PCI-MSI 2097152-edge port5-rxtx-0
59: 0 0 0 0 PCI-MSI 2097153-edge port5-event-1
60: 5553 159711 3010772476 3402032588 PCI-MSI 2621440-edge port9-rxtx-0
61: 0 0 0 0 PCI-MSI 2621441-edge port9-event-1
62: 663305959 6 2988936929 3457387955 PCI-MSI 5767168-edge port2-rxtx-0
63: 0 0 0 0 PCI-MSI 5767169-edge port2-event-1
Port2 and port9 are using CPU core 2 and core 3 and still showing high CPU usage. 2 more entries can be added as follows to distribute the traffic on CPU core 0 as well:
FGTVMfw01 # config system affinity-interrupt
(affinity-interrupt) # edit 12
(12) # set interrupt "port2-rxtx-0"
(12) # set affinity-cpumask "0x0000000000000001"
(12) # next
(affinity-interrupt) # edit 13
(13) # set interrupt "port9-rxtx-0"
(13) # set affinity-cpumask "0x0000000000000001"
(13) # end
Affinity CPU mask can be assigned using the following:
-------------------------------------------------------------------
0x0000000000000001 -> That one is for CPU0
0x0000000000000002 -> This one is for CPU1
0x0000000000000004 -> That one is for CPU2
0x0000000000000008 -> This one is for CPU3
-------------------------------------------------------------------
Note: Constant CPU usage monitoring may be needed to observe high CPU on any of the cores after the implementation.
|
