Hello,
From Last 10-15 days , I have monitor 2 of my CCR are getting High CPU for 10-20 minutes on night time. Ever router is getting unassailable from winbox.
on that time i have monitor following points. we need to resolve the issue but no way out found.
- CPU getting 100% full.
- bandwidth utilization getting 80-100%on up links.
Below points are can be noted.
- Two of CCRs are connected with uplink ISPs.
- filter rulers are added to drop ICMP, DNS, SIP. (not in RAW)
- any srcnat (srcnat/masquerade/netmap…) rules with manually specified range of ports?
- any content/L7 conditions in your firewall rules? if not, what other conditions do you usually use?
- do you have “accept established/related” filter rule in forward chain on top of your rules?
- what is the speed of your uplinks? (it is difference if you are getting 80% of 1Gbit uplink or 80% of 10Gbit uplink)
Ideally - can you just post config with removed private info?
hi vecernik87,
Here all answer
- any srcnat (srcnat/masquerade/netmap…) rules with manually specified range of ports?
No, as its my core router. So no srcnat/masquerade/netmap..on that.
- any content/L7 conditions in your firewall rules? if not, what other conditions do you usually use?
No
- do you have “accept established/related” filter rule in forward chain on top of your rules?
no, only drop filter for icmp, dns,sip
- what is the speed of your uplinks? (it is difference if you are getting 80% of 1Gbit uplink or 80% of 10Gbit uplink)
4GBPS, its getting full of 3+ while facing the issue.
some additional info: only BGP is configure on router with multiple of single uplinks. And ibgp configure for internal communication.