Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
epinheiro
Staff
Staff

Created on ‎08-29-2025 10:32 AM

Article Id 408797

Troubleshooting Tip: High CPU usage of linkmtd daemon when link-monitor or fail-detect is enabled

Description This article describes an issue where the 'linkmtd' daemon consumes high CPU when FortiGate devices process large amounts of traffic with link-monitor or fail-detect enabled.
Scope

Platforms: FortiGate 3000F, FortiGate 3001F, FortiGate 80F, FortiGate 4801F

FortiOS versions: 7.2.9 GA, 7.4.5, 7.4.8 GA, 7.4.9, 7.6.4, 7.6.5, 8.0.0
Solution

Symptoms: High CPU utilization of the 'linkmtd' daemon.

 

Cause: Under high traffic conditions, the 'linkmtd' daemon performs unnecessary session dumps and system calls during link-monitor or fail-detect operations, resulting in excessive CPU usage.

 

Workarounds:

  • Remove the link-monitor configuration.
  • Remove the fail-detect configuration.

Fixed versions:

  • FortiOS 7.4.9 build 2813
  • FortiOS 7.6.4 build 3592
  • FortiOS 8.0.0 build 0045

Resolution:

A validation check was introduced to determine whether a session dump is required before executing CPU-intensive system calls, reducing CPU consumption of the 'linkmtd' daemon.

 

Recommendation:

Always confirm the recommended FortiOS build by referring to the article Technical Tip: Recommended Release for FortiOS.
458
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.