How to determine the causes of high CPU usage (CPU) Security Gateway ZyWALL series?
Suppose that when working with the ZyWALL series Security Gateway, a high CPU load of 90-100% is observed in the Dashboard. How to determine the cause of this phenomenon and eliminate it?
Connect to the ZyWALL using console cable or SSH and execute the debug system show cpu status command. If the processor is busy processing softirq , that is, processing network events, therefore the load is generated by heavy traffic going through the gateway interfaces.
Go to the Monitor> Traffic web interface section to determine which of the gateway interfaces and which hosts create the most load. Statistics is shown not in real time, but total for a period of time. Therefore, when a CPU load problem occurs, you must first click the Flush Data button, and then search the interfaces for which one of them receives heavy traffic. There will also be displayed the hosts that are its sources or recipients.
In our example, there is intense outbound traffic from the host 10.10.10.2. Add a BWM rule to limit the data link for this IP address and this measure should help reduce the load on the gateway's CPU. More information about the Bandwidth Management function in ZyWALL series hardware security gateways can be found in article BZ-2767
Excessive CPU usage in most cases means that the load that the network creates on the router has reached the limits of its hardware capabilities, however, if the above method does not help, or there is no heavy traffic on the network, and CPU Usage is still large, try the following steps :
1. Make sure you are using the latest software on the gateway. If the version corresponds to the current release, try installing the latest version with the WK index from our Download Center
in the Beta-Firmware section. These versions contain all fixes since the last release.
3. In case none of the above helps, connect to the gateway with a console cable or via SSH and collect the following statistics at the moment of high CPU load:
- process statistics:
debug system ps
debug system show cpu status
- port statistics:
show port status
- kernel statistics:
debug logging show log-statistic
debug logging clear log-statistic
wait 10 seconds
debug logging show log-statistics
The received information must be saved to a text file and sent through our Personal Consultation System
along with the startup-config file, the diagnostics file obtained from the Maintenance> Diagnostics> Collect Now
menu, and the most detailed description of the conditions of the problem.
Dear customer, please be aware. Not all text may be translated accurately. If you are on the translated version, please review the original article here: Original Version