Technical Tip: High CPU usage after enabling DPDK

abarushka · ‎01-05-2024

Description

This article describes that after enabling DPDK high CPU usage can be observed.

Scope

FortiGate.

Solution

After enabling DPDK high CPU usage (up to 100%) can be observed. All CPU cores will be loaded by ipsengine. This is an expected behavior.

config dpdk global
set status enable
end

get system performance status
CPU states: 67% user 32% system 0% nice 1% idle 0% iowait 0% irq 0% softirq
CPU0 states: 64% user 35% system 0% nice 1% idle 0% iowait 0% irq 0% softirq
CPU1 states: 71% user 28% system 0% nice 1% idle 0% iowait 0% irq 0% softirq

diagnose sys top 5 99
ipsengine 2839 R < 99.9 6.0 1
ipsengine 2838 R < 99.5 6.1 0

In case of 'sleep-on-idle' is enabled only one CPU core will be overloaded due to ipsengine.

config dpdk global
set sleep-on-idle enable
end

get system performance status
CPU states: 34% user 15% system 0% nice 51% idle 0% iowait 0% irq 0% softirq
CPU0 states: 68% user 30% system 0% nice 2% idle 0% iowait 0% irq 0% softirq
CPU1 states: 1% user 0% system 0% nice 99% idle 0% iowait 0% irq 0% softirq

diagnose sys top 5 10
ipsengine 2830 R < 99.9 6.1 0
ipsengine 2831 S < 0.0 6.0 1