cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
973
Views
1
Helpful
4
Replies

Standby FTD showing high CPU utilization

MarcusJ
Level 1
Level 1

Hello,

We utilize FMC running 7.2.5 to manage, among others, a pair of FTD 2110s running 7.2.5 in active/standby mode. In the process of moving to 7.2.5 we also upgraded from SNORT 2 to SNORT 3.

We have been getting reports, and have been able to reproduce numerous connection issues through this firewall pair. They are observed mostly with RDP sessions and when moving large files.

I monitored the CPU utilization from expert mode for a while and noticed what I think might be a perl script running to prune or purge data. This runs intermittently but usually shoots the CPU utilization on the standby unit above 90% utilization. I don't know that this is part of the issue, but I'd like to get help understanding if this is expected behavior as we run through all possibilities.

Can anyone confirm this as normal behavior for the pruner.pl script?

The full path is: /user/bin/perl /ngfw/usr/local/sf/bin/Pruner.pl --persistent

4 Replies 4

MarcusJ
Level 1
Level 1

I should note, that I'm also getting high CPU utilization alerts for a CPU10 but I have not been able to figure out how to see that CPU.

we need to sure that this FW is standby not Active
the active pass the traffic build conn and inspect it
standby is hold and only sync it info with active 
so we need to be sure first it active or standby 

MHM

The FTD in question is the standby. I've attached a screenshot of the failover state.

b.pugelnik
Level 1
Level 1

You are probably hitting CSCwh79095

Review Cisco Networking for a $25 gift card