I have an issue with the firewall going up to 100% CPU, which in turn leads to a completely unusable network.The only other metric that shows a significant increase in this timeframe is the "Concurrent connections" metric under "Network Usage". Which peaks at ~65k, which looks suspiciously like the max port limit for e.g. TCP.
There is no service open to external, except OpenVPN which is used by <10 users at a time.
So my question is what exactly can lead to the increase in concurrent connections. Does this metric include TCP connections that are routed through the firewall or only connections that are terminated by the firewall ?Is there any way to prevent the high CPU usage proactively ?It is a SG210 with Firmware 9.705-3
This is how the concurrent connections graph looks when this situation occurs.
Hallo and welcome to the UTM Community!
When this problem occurs, what does top at the command line show as the culprit?
Cheers - Bob