Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Vasiliy
New Contributor

proxyd overload my device

Hello! I Use FortiGate-60D with 5.2 GA. I have situation when some thing in my network (how I think from one of my users computer) overload my fortigate device during workday. I enter command diag sys top-summary '-s mem' and see that service PROXYD have high load (~70% CPU) every 30 minutes for 1-2 minutes. During that time all users can't use internet or email (they are extremely slow or don't work) Can I see more detailed what load that service? How? Thank you!

4 REPLIES 4
Vasiliy
New Contributor

The answer is: i has corrupted POP3 connection from one of my computer, when user try to establish it all Fortigate device was loaded to 100% until connection close by timeout. Next time outlook try to connect (between 30 minutes or user manual by pressing "F9" to refresh) device again was loaded. I found user, clean remote mailbox, and all back to normal state!

Big_Abe

How did you find the source of what was overloading your proxyd?

 

I currently have one of my fortigates doing the same thing and nothing obvious that myself, or the TAC could find.  :\  Yet it spikes over 95% and starts failing open, or I have to reboot. 

 

Cheers. 

FCNSP

-------------------------------------

"They have us surrounded again, those poor bastards."

-Unnamed Medic

FCNSP ------------------------------------- "They have us surrounded again, those poor bastards." -Unnamed Medic
Vasiliy

Hello Abe!

 

First I use command "diag sys top-summary '-s mem'" (without ") to look after proxyd process, then I try to find out how often I have this high load, after I found that I have this bad connection every 30 minutes I try to remember what exactly in my home network scheduled to every 30 minutes connection, almost immediately I remember that I have only one software that have connection every 30 minutes to internet - Outlook. At lunch I check every computer in network for connection and find what computer have bad Outlook request (start mail exchange and back to my workplace to check is that connection bring high load).

 

So! First - check time period! Second - find software what have that period connection! Third - find the PC!

 

Hope that clear to you, sorry for bad language! ;)

Vasiliy

One more advice, upgrade your device to new firmware (if not yet), long time I used 5.2.4 with some SSL bugs confirmed, after I update to 5.2.8 it start works little easier, but be careful with 5.2.9 it buggy for some devices (look new topics here).

Labels
Top Kudoed Authors