High CPU load and slow network

Environment:

Hardware: XGS4500 (HA)

SFOS Version: 21.0.0 GA-Build169

Hotfix tag: HF071525.1

Uptime: 195 days

Hello,

In the last few weeks we have noticed that our network gets really slow when internet usage goes to like 1.2 - 1.4 Gbit/s. We hit 2.5 - 3 Gbit/s in the past, and with the hardware that shouldn't be an issue at all. According to the specifications of the hardware we should hit 30 Gbit/s+ except for the TLS Inspection. Since we use security features like TLS Inspection, IPS, Web Filter and Logging, my guess was that this is causing the slowdown, but that doesn't seem to be the case. I created a firewall and TLS rule for me to disable all the security features, but even then it creates the slowdown of the network when I create network traffic that uses that rule.

We usually see a CPU load of 5 nowadays, which is already quite high for the amount of traffic and hardware. This was at 2 - 3 a few months ago and not much has changed since then. When we create the traffic and hit the 1.2 - 1.4 Gbit/s, the load goes up to 8 - 10, which is the limit of the CPU, therefore causing the slowdown. When we look at the processes running, we see that about 15 snort processes use up most of the performance, but my understanding is that when I disable all the security features this process should not be in use at all.

Was there any hotfix or update in the last few months affecting performance? Could this be a software or hardware issue?



Edited TAGs
[edited by: Raphael Alganes at 11:37 AM (GMT -7) on 1 Aug 2025]