This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED issues with 9.704-2 - high CPU load / disconnects

Hello

I am having problems with my RED setup since applying 9.704-2 to my both UTM appliances. They are "homified" SG 115w and UTM 220.

Both have two RED servers and clients connecting vice versa. I am using availability groups with special monitoring on the RED interfaces in order to select my best route to the other site.

This setup was working flawlessly without any issues including version 9.703-3 and all 4 RED tunnels being up at the time. After applying 9.704 I am only able to have one of the four tunnels active. As soon as I activate a second one, I am getting a log like the attached one.
It gives me disconnects, "Missing keepalive from [RED client interface], disabling peer [IP address]" and "Overflow happend on [RED client interface]" messages in the RED log.

red.log

Switching the ep-red RPM package back to the old version solves the problem for me.


BR,
Sascha



This thread was automatically locked due to age.
Parents
  • Hi,

    9.705 does not include RPM packages for red-firmware-chainboot and ep-red. But of course I could upgrade to the latest release.

    I am currently on 9.704-2. Though I have replaced
    ep-red-9.70-58.gdc75c10.rb3.i686
    with
    ep-red-9.70-56.gd3d4160.rb5.i686
    by using the command
    rpm -Uvh --oldpackage ep-red-9.70-56.gd3d4160.rb5.i686.rpm

    This solved my problem and reverted RED to its previous, "normal" behavior.

    With version 9.704-2 and downgraded to ep-red-9.70-56.gd3d4160.rb5.i686:
    sophos:/root # rpm -qa | grep red
    red-unified-firmwares-9700-0.358343537.gd6f8f71.rb3
    red-firmware-chainboot-8.17-0.76174932.g788e4c8
    ipv6-miredo-1.2.5-1.gd589f8c
    red15-firmware-5317-0.340969712.gdeba856ae.rb4
    red-firmware-8.17-0.g30d3fa5.rb1
    nss-shared-helper-chroot-1.0.10-0.7.10.81.g3fa4edb
    python-ordereddict-1.1-1.0.317998409.gab3cfdd.rb2
    red-firmware2-5317-0.340967634.g849d3589d.rb4
    ep-red-9.70-56.gd3d4160.rb5

    EDIT: I have now upgrade to 9.705-3.

    With version 9.705-3 (original):
    sophos:/root # rpm -qa | grep red
    red-unified-firmwares-9700-0.358343537.gd6f8f71.rb3
    red-firmware-chainboot-8.17-0.76174932.g788e4c8
    ipv6-miredo-1.2.5-1.gd589f8c
    red15-firmware-5317-0.340969712.gdeba856ae.rb4
    red-firmware-8.17-0.g30d3fa5.rb1
    ep-red-9.70-58.gdc75c10.rb3
    nss-shared-helper-chroot-1.0.10-0.7.10.81.g3fa4edb
    python-ordereddict-1.1-1.0.317998409.gab3cfdd.rb2
    red-firmware2-5317-0.340967634.g849d3589d.rb4

    The issue still persists.


    BR,
    Sascha

  • Am I able to open a Support Case with SophosSupport as I am only a Home user?

    EDIT: It seems, I am. The assigned case number is: 03167215


    BR,
    Sascha

  • Hello Sascha,

    Thank you for the Case ID. I will update you in case we need something else from your end, most likely the case might get closed since you are a home user, but I have reached out to DEV directly.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • I am currently running with downgraded ep-red, as initially written.

    Only to bear this in mind.

  • Hello Sascha,

    A quick question, you only have site2site RED tunnels, right? No physical RED devices.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Reply Children
No Data