Community discussions

MikroTik App
 
bat0nas
just joined
Topic Author
Posts: 15
Joined: Wed Mar 09, 2016 12:02 pm

What exactly causes 100% CPU load?

Mon Apr 19, 2021 1:22 pm

My router is constantly being DDOS'ed (don't ask me why :) ).
I made some scripts and see that during ddos my CPU is loaded 60% which makes it inaccessible. But in particular CPU 3 is loaded 100% by some firewall operations (from the Profile tool).

How to know exactly what FW rules are being processed?
I would gladly disable those FW rules. Just need to understand what causes router to go down.

PS: ICMP is disabled as a TOP fw rule in my config. So it's something else.
PS2: https://help.mikrotik.com/docs/pages/vi ... d=28606504 this also has been applied. Didn't help.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11444
Joined: Thu Mar 03, 2016 10:23 pm

Re: What exactly causes 100% CPU load?

Mon Apr 19, 2021 7:53 pm

All FW rules have counters ... check which counter is incrementing the most while under DDOS. Don't blindly disable that rule, result might be vulnerable LAN.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: What exactly causes 100% CPU load?

Mon Apr 19, 2021 7:59 pm

check if the dns responder is active or not, eventually put a firewall rule.

Who is online

Users browsing this forum: abdullanetworking, Bing [Bot], cmmike and 47 guests