Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
935
Views
0
Helpful
0
Replies

Firepower IPS High CPU

fatalXerror
Level 5
Level 5

‎10-09-2018 06:14 AM - edited ‎03-12-2019 07:01 AM

Hi Guys,

 

We are clueless already for this troubleshooting. We have FTD acting as an IPS and we are experiencing high CPU for some cores in random basis.

 

TAC engineer recommends to do flow profiling however, this have an interruption because SNORT process needs to restart and they confirmed it already that it will have an interruption. Is there's other way to get the information included in the flow profiling but without using flow profiling method?

 

I read also about the the large session traffic ("elephant flow"), my understanding about it is that a single large stream of traffic is cannot handled by FP CPU. But I thought traffic handling of FP load balanced within the CPU cores but why this one large session traffic is an issue? How to check also those traffic which causes this kind of traffic flow?

 

Hope you can help.

 

Thanks

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card