DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
3900 becoming unreliable
- wga
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 0
17 Sep 2020 16:01 #97182
by wga
3900 becoming unreliable was created by wga
Hi all,
Our usually rock-solid 3900 has become unreliable of late. Last week it randomly stopped responding and needed to be rebooted. I briefly caught a glimpse in the syslog of high CPU load. It's done it again today, and the syslog reads:
cmm: [cmm] err 12: Cannot allocate memory ? sned signal to restart cmm...
But, below this are lots of these:
FPP detect flooding from LAN port (10) LAN 1
Sometimes the above suggests messages suggest flooding on the WAN port too.
I believe this flooding is causing the high CPU/memory load and is then causing the router to crash. The traffic is genuine traffic though. Is there a way to turn the FPP detect off? Or decrease the triggering threshold? Or have we just outgrown our trusty 3900 and need something bigger?
Any ideas ??
Our usually rock-solid 3900 has become unreliable of late. Last week it randomly stopped responding and needed to be rebooted. I briefly caught a glimpse in the syslog of high CPU load. It's done it again today, and the syslog reads:
cmm: [cmm] err 12: Cannot allocate memory ? sned signal to restart cmm...
But, below this are lots of these:
FPP detect flooding from LAN port (10) LAN 1
Sometimes the above suggests messages suggest flooding on the WAN port too.
I believe this flooding is causing the high CPU/memory load and is then causing the router to crash. The traffic is genuine traffic though. Is there a way to turn the FPP detect off? Or decrease the triggering threshold? Or have we just outgrown our trusty 3900 and need something bigger?
Any ideas ??
Please Log in or Create an account to join the conversation.
- service_bb
- Offline
- Junior Member
Less
More
- Posts: 35
- Thank you received: 0
17 Sep 2020 22:31 #97189
by service_bb
Replied by service_bb on topic Re: 3900 becoming unreliable
We had similar problems with our 3900 last year. Our 3900 also used to take a good 5-10 minutes to reboot / boot fully - it was painful.
We replaced it with a 2960 which has worked perfectly.
The problematic 3900 was factory reset and worked perfectly at another site which makes think that ultimately it was a problem with the config (it had been iterated on over many years and firmware updates)
I hate suggest it but I'd say take a backup config, factory reset it, make sure you're on the latest firmware and then build your config up again (there'll probably be plenty of room for streamlining rules etc) and monitor from there.
At least you'll rule out a software issue and it's more likely to be hardware at that point.
We replaced it with a 2960 which has worked perfectly.
The problematic 3900 was factory reset and worked perfectly at another site which makes think that ultimately it was a problem with the config (it had been iterated on over many years and firmware updates)
I hate suggest it but I'd say take a backup config, factory reset it, make sure you're on the latest firmware and then build your config up again (there'll probably be plenty of room for streamlining rules etc) and monitor from there.
At least you'll rule out a software issue and it's more likely to be hardware at that point.
Please Log in or Create an account to join the conversation.
- admin3
- Offline
- Site Admin
Less
More
- Posts: 604
- Thank you received: 0
18 Sep 2020 09:23 #97190
by admin3
Forum Administrator
Replied by admin3 on topic Re: 3900 becoming unreliable
The FPP is the packet processing system. It should indicate that there's more traffic it can handle on that specific LAN interface. If you've got routed networks, or a lot of LAN traffic routing through the switch, you can use "Routing > Fast Route" to lighten the load for traffic going between two LAN subnets. The "NAT > Fast NAT" does the same for outgoing traffic i.e. a specific LAN IP going out through WAN2.
That could potentially improve your router's loading / resolve the FPP flooding issue.
That could potentially improve your router's loading / resolve the FPP flooding issue.
Forum Administrator
Please Log in or Create an account to join the conversation.
- wga
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 0
18 Sep 2020 10:16 #97191
by wga
Thank you for both replies, in particular this one. We have several IPSec profiles connecting our branch offices so I will look at adding these subnets to the Fast Routes.
Replied by wga on topic Re: 3900 becoming unreliable
admin3 wrote:
The FPP is the packet processing system. It should indicate that there's more traffic it can handle on that specific LAN interface. If you've got routed networks, or a lot of LAN traffic routing through the switch, you can use "Routing > Fast Route" to lighten the load for traffic going between two LAN subnets. The "NAT > Fast NAT" does the same for outgoing traffic i.e. a specific LAN IP going out through WAN2.
That could potentially improve your router's loading / resolve the FPP flooding issue.
Thank you for both replies, in particular this one. We have several IPSec profiles connecting our branch offices so I will look at adding these subnets to the Fast Routes.
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek