
Multiple Firewalls WAN going offline intermittently for 2-15 minutes at a time

We manage over 100 XGs, and I've got an unusual issue where, in the last week, I'm starting to see the circuit go offline for anything from a couple of minutes up to 15, then it returns.

I'm currently investigating with upstream providers and our contacts in the datacentre, so I can't be sure it is in fact the XGs. But I was just wondering on a whim if anyone else is experiencing anything similar recently?

It's currently only happening on 5 or so customer sites, so it could be completely unrelated to XG.



  • We use a program called PingPlotter for this sort of issue - https://www.pingplotter.com/

    As it is a trace route program rather than a ping program, you can see which part of the network is dropping the traffic. Be aware though, prior to 18 MR-4, XGs don't respond to trace route traffic, so you have to set up a separate monitor for the XG IP itself if you want to check the traffic isn't getting blocked before it reaches the XG (this issue was fixed in MR4).

    Have you checked the logs to see if anything is logged at the time of the outages? For instance, all our 100 series XGs drop traffic for 2-4 minutes every time there is an IPS or ATP update. This is considered normal behaviour!
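
One way to run the log check suggested in the reply above, as an added example that is not part of the thread: it groups failed probes into outage windows of at least 2 minutes and lists the log events that fall in or just before each window. The probe records, event names and timestamps are constructed sample data, and their layout is an assumption, not an XG log format.

```python
from datetime import datetime, timedelta

def outage_windows(probes, min_len=timedelta(minutes=2)):
    """Group consecutive failed probes into (start, end) windows.

    start is the first failed probe; end is the next successful probe, or
    the last failed probe if the data ends while the link is still down.
    Windows shorter than min_len are dropped as ordinary packet loss.
    """
    windows, start, last_fail = [], None, None
    for ts, ok in sorted(probes):
        if not ok:
            if start is None:
                start = ts
            last_fail = ts
        elif start is not None:
            windows.append((start, ts))
            start = None
    if start is not None:
        windows.append((start, last_fail))
    return [(s, e) for s, e in windows if e - s >= min_len]

def correlate(windows, events, slack=timedelta(seconds=60)):
    """Attach to each window the events logged inside it or up to slack before it."""
    return [(s, e, [name for ts, name in events if s - slack <= ts <= e])
            for s, e in windows]

def sample_data():
    """Constructed data: one probe every 30 s, with three loss periods."""
    t0 = datetime(2021, 1, 1, 9, 0, 0)
    down = [(600, 780), (3600, 4200), (5000, 5030)]  # offsets in seconds
    probes = [(t0 + timedelta(seconds=off),
               not any(a <= off < b for a, b in down))
              for off in range(0, 6000, 30)]
    events = [(t0 + timedelta(seconds=590), "IPS pattern update"),  # hypothetical entry
              (t0 + timedelta(seconds=2000), "admin login")]        # hypothetical entry
    return probes, events

if __name__ == "__main__":
    probes, events = sample_data()
    for s, e, hits in correlate(outage_windows(probes), events):
        print(f"{s} -> {e} ({e - s}): {hits or 'no matching log event'}")
```

A window with no matching event points away from update-related drops and towards the path outside the firewall.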

  • Thanks

    We use something similar. At the time of the drops, the last hop out is the firewall, and the last hop in is the external IP prior to the firewall. So it does suggest something between the WAN interface on the firewall, the bridged router and the fibre going back to where the circuit terminates.

    Quite a tricky one, just wanted to float it out there as like I say, it may have nothing to do with the XGs, just wondering if anyone else was having similar problems.

    Thanks for your input.

  • You could perform something like a ring buffer tcpdump, which will overwrite itself on XG. 

    Logging such a tcpdump into /tmp/ and analysing it after a downtime should give you insights.