Re: [j-nsp] Session utilization is 90% of the system capacity

Sat, 15 Mar 2008 08:17:45 -0700 

Hi Vincent - 

I saw someone mentioned the FSA tool ( http://tools.juniper.net/fsa/ ),
I'd also recommend this.

Also, if you use MRTG to monitor link utilization, you may want to add a
graph to track software sessions, too.  Insert something like this into
mrtg.cfg, replacing 'public' with your SNMP community string and 'host'
with the IP/hostname of your firewall.

Title[host.sessions]: Software Sessions on host
Target[host.sessions]: 
1.3.6.1.4.1.3224.16.3.2.0&1.3.6.1.4.1.3224.16.3.2.0:[EMAIL PROTECTED]
# tune the following to the "Session soft limit number" from 'get sys-cfg' 
output
MaxBytes[host.sessions]: 32000
Options[host.sessions]: gauge, growright, nopercent
YLegend[host.sessions]: Sessions
Legend1[host.sessions]: Current Sessions
Legend2[host.sessions]: Current Sessions
LegendI[host.sessions]: Sessions:
LegendO[host.sessions]:
PageTop[host.sessions]: <H1>Software Sessions on host</H1>
        <p>This summary page shows the number of software sessions on host.</p>
ShortLegend[host.sessions]: Sessions

- Mark

On Fri, Mar 14, 2008 at 05:25:48PM +0100, Vincent De Keyzer wrote:
> Hello,
> 
> we have a Netscreen 25 at our office (30 people), that we use for 
> Internet access and VoIP.
> 
>  From time to time the firewall goes bananas: traffic does not go 
> through anymore, ping success rate to default gateway is very low, and 
> if we succeed to login, we see very high CPU and messages in the log 
> that say:
> 
> 2008-03-13 15:08:31 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 2008-03-13 15:08:29 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 2008-03-13 15:08:28 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 2008-03-13 15:08:27 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 2008-03-13 15:08:26 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 2008-03-13 15:08:24 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 2008-03-13 15:08:19 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 2008-03-13 15:08:18 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 2008-03-13 15:08:16 system crit  00051 Session utilization has reached 
> 28857,
>                                        which is 90% of the system capacity!
> 
> How do I troubleshoot this? What are those sessions? How do I identify 
> them? How do I limit them? Is it a good thing to limit them?
> 
> I don't know where to start, so any idea will be appreciated.
> 
> Thanks
> 
> Vincent
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 

-- 
Mark Kamichoff
[EMAIL PROTECTED]
http://prolixium.com/
Rensselaer Polytechnic Institute, Class of 2004

Attachment: signature.asc
Description: Digital signature

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Reply via email to