11 Replies. Latest reply on Jan 18, 2010 4:53 PM by rcamm

    Upgraded SG560 to 4.0.5 - now runs very slow

      The SG560 that I got upgraded to 4.0.5 now runs very slowly and keeps dropping connections.  Do I just need to factory reset and rewrite all the definitions?

        • 1. Re: Upgraded SG560 to 4.0.5 - now runs very slow

          Upgraded from version 3, I assume?

          Can you post the output of

          cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count

          and

          ps

          from the command line?

          • 2. Re: Upgraded SG560 to 4.0.5 - now runs very slow

            Sure - will do in about 30 when I've reconfigured.  After I put the packet capture in to try to work out why no port 80 the whole unit stopped responding.  So I factory reset it.  When I unplug the DMZ and the workstation cloud the machine runs at a much better speed.  After the factory reset I've reestablished the workstation cloud and it's in reasonable shape and the machine is still responding well.

            • 3. Re: Upgraded SG560 to 4.0.5 - now runs very slow

              I isolated the run-slow to issues on the DMZ - one particular lead causes the machine to slow enormously when I add it.  I've removed that.

               

              The issue is now that the box reboots itself randomly when the DMZ is active.

              • 4. Re: Upgraded SG560 to 4.0.5 - now runs very slow

                Can you post the output of

                cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count

                and

                ps

                from the command line?

                • 5. Re: Upgraded SG560 to 4.0.5 - now runs very slow


                  # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count
                  1916
                  # ps
                    PID USER       VSZ STAT COMMAND
                      1 root       456 S    /bin/init
                      2 root         0 SW<  [kthreadd]
                      3 root         0 SWN  [ksoftirqd/0]
                      4 root         0 SW<  [events/0]
                      5 root         0 SW<  [khelper]
                      6 root         0 SW<  [kblockd/0]
                      7 root         0 SW   [pdflush]
                      8 root         0 SW   [pdflush]
                      9 root         0 SW<  [kswapd0]
                     10 root         0 SW<  [aio/0]
                     11 root         0 SW<  [mtdblockd]
                     18 root       568 S    watchdog /dev/watchdog
                     48 root         0 SW<  [ixp400_eth]
                     49 root         0 SW<  [ixp400_eth]
                    131 root         0 SW   [crypto]
                    132 root         0 SW   [crypto_ret]
                    195 root      1596 S    statsd daemon
                    325 root       396 S    /bin/inetd
                    326 root       500 S    /bin/flatfsd
                    327 root       580 S    /sbin/syslogd -n
                    328 root       568 S    /sbin/klogd -n
                    329 root       396 S    /bin/cron
                    330 root       796 S    /bin/ifmond
                    331 root      1684 S    /bin/acld
                    334 root         0 SW   [ixp400 eth1]
                    335 nobody     484 S    /bin/dnsmasq -k -T 0 -b -r/etc/config/resolv.dnsmasq
                    339 root       976 S    /bin/nflogd -p -d -c
                    376 root         0 SW   [ixp400 eth0]
                    395 root       864 S    /bin/pppd file /etc/config/pppoe.eth1
                    519 root      3172 S    /bin/dhcpd -f
                  3387 root      5776 S    sshd: root@pts/0
                  4364 root       584 S    -sh
                  8951 root       572 R    ps
                  8954 root         0   []
                  8955 root         0   []
                  8966 nobody     576 R    sh -c statsd -a push dns cache_size 150 \; push dns c
                  8967 nobody    1440 R    statsd -a push dns cache_size 150 ; push dns cache_to
                  #

                  • 6. Re: Upgraded SG560 to 4.0.5 - now runs very slow

                    I believe the other posts you have

                    http://community.mcafee.com/message/108604#108604

                    http://community.mcafee.com/message/108603#108603

                    are all created by the same issue.

                    This output

                    # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count
                    1916

                    shows you have nearly 2000 connections through the device at the time the report was generated. Normal usage for you may have an even higher number of connections.

                    As such you should check

                    System -> System Setup -> Memory Allocation -> Connection Tracking and ensure that there is enough memory dedicated to tracking these connections in the stateful firewall.

                    More information on performance can be found here, which mentions the number of connections.

                    http://community.mcafee.com/docs/DOC-1114

                    • 7. Re: Upgraded SG560 to 4.0.5 - now runs very slow

                      From the 560 command line

                      cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
                      2048

                      The default number of connections on a 560 V4... so this is no doubt a limit you are hitting.

                      Increasing the memory I indicated will increase this value... but make sure there is enough memory for other enabled subsystems.
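The comparison made in replies 6 and 7 (the live ip_conntrack_count against ip_conntrack_max) written as a repeatable check for a Linux host with a POSIX shell; this is an added example, not part of the original thread or any vendor tooling. The function name conntrack_usage, the 80% default warning threshold and the OK/WARN/FULL labels are assumptions, and the nf_conntrack_* fallback goes beyond the SG560 case to cover newer kernels.

```shell
#!/bin/sh
# Added example; conntrack_usage and its status labels are illustrative names.
# Usage: conntrack_usage DIR [WARN_PCT]
#   DIR holds ip_conntrack_count/ip_conntrack_max (the names seen in this thread)
#   or nf_conntrack_count/nf_conntrack_max (the names used by newer kernels).
# Prints one status line; returns 0 = OK, 1 = WARN or FULL, 2 = counters unreadable.
conntrack_usage() {
    dir=$1
    warn=${2:-80}
    count=
    max=
    for prefix in ip_conntrack nf_conntrack; do
        if [ -r "$dir/${prefix}_count" ] && [ -r "$dir/${prefix}_max" ]; then
            count=$(cat "$dir/${prefix}_count")
            max=$(cat "$dir/${prefix}_max")
            break
        fi
    done
    # Reject missing, empty or non-numeric values, and a zero limit.
    for v in "$count" "$max"; do
        case $v in ''|*[!0-9]*) echo "status=UNKNOWN"; return 2 ;; esac
    done
    [ "$max" -gt 0 ] || { echo "status=UNKNOWN"; return 2; }
    pct=$(( $count * 100 / $max ))
    if [ "$count" -ge "$max" ]; then
        status=FULL      # table exhausted: new connections cannot be tracked
    elif [ "$pct" -ge "$warn" ]; then
        status=WARN      # close to the limit, little headroom for bursts
    else
        status=OK
    fi
    echo "count=$count max=$max used=${pct}% status=$status"
    [ "$status" = OK ]
}

# Demo on a constructed directory holding the two values posted in this thread.
demo=$(mktemp -d)
echo 1916 > "$demo/ip_conntrack_count"
echo 2048 > "$demo/ip_conntrack_max"
conntrack_usage "$demo" || true
rm -rf "$demo"
# On a live system: conntrack_usage /proc/sys/net/ipv4/netfilter
```

Run from cron or a monitoring agent, the non-zero return on WARN or FULL gives an alert before the table is exhausted.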

                      • 8. Re: Upgraded SG560 to 4.0.5 - now runs very slow

                        I have a second 560 and still running 3.1.5.  I plugged it in, wiped the setup back to factory and then re-entered the rules and it runs fine under the load. th

                         

                        I'm reflashing the first 560 to see if anything changes.  Does the v4 OS use that much more in the resource front than v3?

                        • 9. Re: Upgraded SG560 to 4.0.5 - now runs very slow

                          Version 3 ran the Linux 2.4 kernel, while v4 is the 2.6 kernel and as such the memory footprint is a bit larger.

                           

                          But what is also new is the memory management feature, which has limited you to 2048 connections by default.

                           

                          Only very few installations reach this limit for the 560, and you can increase this limit.

                           

                          What the memory management feature does is allow you to configure which services you need depending on your environment, and maintain stability.

                          1 of 1 people found this helpful