Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 26 subscribers
  • Views 3321 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Huge Spike in CPU? - fqdnd service DEAD?

ccanv

Can someone please help me! I have been having issues lately with my Sophos XG 330 rev.2 Firewall. First off I have had a complete system crash where I had to completely re-install firmware (the system reboots to "fail safe mode") Next I keep randomly having huge spikes in the CPU and I have not made any major changes in logging and or services. The firewall has been running fine for about a year with the same settings and now all of a sudden all of these issues. I am running version 17.5.15 MR-15.

Right now as I type this the CPU is at 30% and memory 16% which is around the normally for the memory. Normally even with our full load of client devices the CPU averages around 1-3% and 13-16% Memory. I am afraid to reboot the router because the last time I did that the device went into, "failsafe mode"

Also another note random services keep dying for no reason for example the fqdnd service and a couple more I cannot think at the top of my head. The web GUI sometimes also becomes inaccessible where the control center will not load stats so a reboot is required.

I am not sure what to do anymore the system is barely under load compared to the specs ~ client ratio ~ data rates.

Sigh 

Any help is appreciated



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    Could you please provide the output of the following commands from the Advanced Shell? 

    • ls -al /var/cores
    • df -kh
    • top
    • service -S | grep -i "dead"

    The output of the following command from the console. 

    • system firewall-acceleration show

    Sophos XG Firewall: How to SSH to the firewall using PuTTY utility.

    • From the main menu, type 4 to access the Device console or type 5, then 3 to access the Advanced shell.

    Thanks,

  • 0 in reply to FormerMember

    Here you go;

    • ls -al /var/cores

    • df -kh

    • top

    • service -S | grep -i "dead" [I already restarted dead services but that does not explain why they go dead in the first place]

    • system firewall-acceleration show after running CLI returns .. - [/bin/sh: system: not found]

  • 0 in reply to ccanv

    Hello ccanv,

    Thank you for the screenshots.

    It seems your appliance is failing for the number of Coredumps it has, so you need to open a case with Support to get this investigated. (https://support.sophos.com/support/s/?language=en_US

    When opening the case, provide the csc.log, applog.log, syslog.log msync.log and networkd.log as well as the output of the /var/cores commands, and share with us the Case ID.

    The last command needs to be run on the console, not in the advanced shell, you can mode from the advanced shell to the console by typing 

    # cish

    console> system firewall-acceleration show

    Regards,

Reply
  • 0 in reply to ccanv

    Hello ccanv,

    Thank you for the screenshots.

    It seems your appliance is failing for the number of Coredumps it has, so you need to open a case with Support to get this investigated. (https://support.sophos.com/support/s/?language=en_US

    When opening the case, provide the csc.log, applog.log, syslog.log msync.log and networkd.log as well as the output of the /var/cores commands, and share with us the Case ID.

    The last command needs to be run on the console, not in the advanced shell, you can mode from the advanced shell to the console by typing 

    # cish

    console> system firewall-acceleration show

    Regards,

Children