Hi,
There are lots of logs to consider in investigating this scenario.
For one, we need to know;
what were the configuration changes before this issue happened?
check running background services on your srx;
show system processes extensive
check if there are known descriptive logs ;
show log messages |last 200
Leangf
------------------------------
ANGFE LANDAGAN
------------------------------
Original Message:
Sent: 03-22-2021 11:40
From: Unknown User
Subject: Performance degradation
Hi, everyone
I have srx240 in cluster mode with two ipsec tunnels, filter-based forwarding, some stateless firewall rules, three vlans, a few zones and policies. Nothing resource intensive i think.
Everything was fine, but today I was bombarded with messages like this
RT_FLOW: FLOW_REASSEMBLE_SUCCEED: Packet merged source <here public ip of my ipsec endpoint> destination <public ip of srx240> ipid 42988 succeed
The speed of the Internet and via ipsec tunnels dropped. Traceroute from local network shows 50-60% losses on SRX240.
Here is the output of the chassis metrics
{primary:node0}[edit]# run show chassis routing-engine node0:--------------------------------------------------------------------------Routing Engine status: Temperature 41 degrees C / 105 degrees F CPU temperature 39 degrees C / 102 degrees F Total memory 1024 MB Max 727 MB used ( 71 percent) Control plane memory 544 MB Max 403 MB used ( 74 percent) Data plane memory 480 MB Max 326 MB used ( 68 percent) CPU utilization: User 14 percent Background 0 percent Kernel 26 percent Interrupt 0 percent Idle 60 percent Model RE-SRX240H Serial ID AABP9504 Start time 2021-03-22 14:03:39 UTC Uptime 1 hour, 13 minutes, 13 seconds Last reboot reason 0x20:power-button soft power off Load averages: 1 minute 5 minute 15 minute 0.64 0.75 0.73{primary:node0}[edit]# run show chassis forwarding node0:--------------------------------------------------------------------------FWDD status: State Online Microkernel CPU utilization 13 percent Real-time threads CPU utilization 11 percent Heap utilization 68 percent Buffer utilization 1 percent Uptime: 1 hour, 10 minutes, 49 seconds
Security flow settings
# show security flow tcp-mss { ipsec-vpn { mss 1350; }}tcp-session { no-sequence-check;}
Can someone tell me where to dig in this situation?
Thanks.