Hi folks

I hope you're all doing well.

I'm writing because I have a little "cosmetic" problem with my Fortigate 60E which is in use by one of my companies clients.

Our monitoring tool notifies a lot of drops on interface 5 (more than 500k/hour). So I started troubleshooting.

First I run the dia hard deviceinfo nic internal5 command:

Description :FortiASIC NP6LITE Adapter Driver Name :FortiASIC NP6LITE Driver Board :60E lif id :7 lif oid :71 netdev oid :71 Current_HWaddr xx Permanent_HWaddr xx ========== Link Status ========== Admin :up netdev status :up autonego_setting:1 link_setting :0 speed_setting :10 duplex_setting :0 Speed :1000 Duplex :Full link_status :Up ============ Counters =========== Rx Pkts :18208097703 Rx Bytes :11024838411269 Tx Pkts :15296225169 Tx Bytes :10319894982632 Host Rx Pkts :3749448284 Host Rx Bytes :9406441080 Host Tx Pkts :582392616 Host Tx Bytes :11678029692 Host Tx dropped :0

Couldn't see any problems.

Then I run the following command:

fnsysctl ifconfig internal5

internal5 Link encap:Ethernet HWaddr xx UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 [size="2"] RX packets:18213138482 errors:0 dropped:2148776702 overruns:0 frame:0[/size] TX packets:15302455501 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:11026769464625 (10269.5 GB) TX bytes:10324633075520 (9615.6 GB)

You can see (red marked) that there are a LOT of receiving Drops. 

I checked the interface speed on both sides, switch and firewall. Both duplex 1Gig/s. So no problems here.

The bandwith useage is also "normal" in other words less than 500mbit/s.

Do you have any suggestions what I can try to resolve this drops? Funny thing is: The customer doesn't perceive any problems so that's why I'm calling it a "cosmetic" problem.

Best regards

Jimmy