Hi,
I have a HA with two ASG 625.
The Firewalls are located in different locations and are connected via two switches which are connected via a dark fiber.
Recently the Master started going nuts sending constantly around 500-700Mbit/s on the HA Interface.
A tcpdump showed me this on the HA interface.
IP node2.48921 > 225.0.0.50.3780: UDP, length 1900 (Node 2 is master right now)
And there are a lot of these
10102 packets captured in like two or three seconds
Top showes me that the conntrackd is using one complete CPU.
When it do a failover to the slave I have a loss of about 10 seconds before it is reachable again. It usualy is only one ping.
I have another HA with two 220 on the same switch (different vlan though) that is working just fine.
I see the same packets with a tcpdump but far not as many and the length is only 68 not 1900.
Could this have anything to do with the MTU and jumbo frames?
Anybody have an idea what could this be and how I could correct this?
Installed firmware is 9.111-07
Thanks.
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
