Gateway CPU/Memory Utilization
VPN: ER8411 v1.0
Firmware Version: 1.1.0 Build 20230705 Rel.64091
Model: OC300 1.0
Firmware Version: 1.22.4 Build 20240304 Rel.59252
Hi, we have been experiencing problems with our VPN router for the past week. When clients connect to the network, the CPU utilization of the VPN router reaches 100%, causing issues with load balancing and resulting in clients losing internet connectivity for approximately 30 to 40 minutes. After that time, the CPU utilization returns to normal levels.
Regarding our ISP, we have 7 connections of 100 Mbps each, which are connected to the VPN router. We have around 500 clients, and each client gets a download and upload speed of 950 K bps.
"Please take a look at the attached PDF file for further details."
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hello I have more than 500 clients using the internet service and to control the download and upload speeds, we have implemented a bandwidth control policy for each client. Additionally, I have mentioned that we are not using any network monitoring services, and we manage our network through a VPN and an Omada Controller device.
we recently discovered a solution to control high CPU usage on the controller. The solution involves accessing the controller, navigating to the WAN mode option, selecting the load balancing option, and disabling "Application Optimized Routing." After saving these changes, you noticed that the CPU usage returned to normal
- Copy Link
- Report Inappropriate Content
upgrade the router to the latest version to see if that helps.
the router has had a high cpu on some of the old versions
- Copy Link
- Report Inappropriate Content
We have already attempted to update the firmware of the VPN router. Unfortunately, the problem persists even after the upgrade. Additionally, we are facing another issue where the VPN drops the WAN connectivity, resulting in clients being unable to access the internet. That is why we decided to downgrade the firmware to restore stability to the WAN connectivity.
- Copy Link
- Report Inappropriate Content
I have an ER8411 myself and I have also had a lot of problems with VPN, my problems have mainly been SSL and OpenVPN, SSL problem has been in combination with IPsec site to site which has made Site to Site unstable and many strange errors. Now I use a raspberry pi5 as a VPN server and the ER8411 only does IPsec site to site, which it is very good at.
but your problems don't sound exactly like the problems I have. maybe you should report it to support, maybe they can assist better than we can here on the forum.
- Copy Link
- Report Inappropriate Content
Hi @AnnusKhan
Thanks for posting in our business forum.
Judging from the pdf you provided, it looks like someone used the Internet heavily during that peak of the CPU on the router.
It does not always keep that high CPU usage. It happened during a timestamp where few clients but super high download data happened.
It does not look like a high number of clients in your network as it happened during the time where you have very few clients.
You might wanna limit the speed on your clients. Do you have bandwidth control or anything like that?
I don't know what to say as I don't know about P2P download. Do you monitor your network with the DPI or something? That high download does not look right.
And you have two switches down at some point. Do you check this? Is that manual reboot?
BTW, if you contact the support, please make sure you specify the point where you experienced the problem. You have multiple CPU fluctuations.
Please provide the network config like how many VPNs you have, and your assumption about how many clients are concurrently online at the timestamp where CPU surges and switch disconnected.
Any specific pattern would be helpful for the diagnosis.
I so far think this might be a problem with the device using high bandwidth.
- Copy Link
- Report Inappropriate Content
Hello I have more than 500 clients using the internet service and to control the download and upload speeds, we have implemented a bandwidth control policy for each client. Additionally, I have mentioned that we are not using any network monitoring services, and we manage our network through a VPN and an Omada Controller device.
we recently discovered a solution to control high CPU usage on the controller. The solution involves accessing the controller, navigating to the WAN mode option, selecting the load balancing option, and disabling "Application Optimized Routing." After saving these changes, you noticed that the CPU usage returned to normal
- Copy Link
- Report Inappropriate Content
Hi @AnnusKhan
AnnusKhan wrote
Hello I have more than 500 clients using the internet service and to control the download and upload speeds, we have implemented a bandwidth control policy for each client. Additionally, I have mentioned that we are not using any network monitoring services, and we manage our network through a VPN and an Omada Controller device.
we recently discovered a solution to control high CPU usage on the controller. The solution involves accessing the controller, navigating to the WAN mode option, selecting the load balancing option, and disabling "Application Optimized Routing." After saving these changes, you noticed that the CPU usage returned to normal
Application Optimized Routing would be demanding for the CPU. Esp when you have that amount of devices concurrently using the Internet and being balanced. For DPI and IDS, they will be heavy CPU usage features as well if you have that many devices using the Internet at the same time. Would be normal to see the CPU surges.
Bandwidth control would be very effective in your situation.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 784
Replies: 6
Voters 0
No one has voted for it yet.