Zywall 1100 cpu high load 98%
Options
Freshman Member
Router> debug system ps
PID PPID COMMAND USER TT PRI NI %CPU %MEM STAT VSZ RS S SZ SZ STARTED ELAPSED TIME COMMAND
28784 13228 httpd nobody ? 19 0 0.1 0.1 S 26556 638 4 2824 6639 15:36:54 01:01:39 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28750 13228 httpd nobody ? 19 0 0.1 0.1 S 26420 648 0 2688 6605 15:36:52 01:01:41 00:00:06 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
14283 13228 httpd nobody ? 19 0 33.3 0.1 R 26356 694 0 2624 6589 Jan 25 2-18:33:11 22:09:49 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
29943 13228 httpd nobody ? 19 0 0.1 0.1 S 26244 630 0 2512 6561 15:38:27 01:00:06 00:00:06 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28788 13228 httpd nobody ? 19 0 0.1 0.1 S 26212 627 2 2480 6553 15:36:54 01:01:39 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
22756 13228 httpd nobody ? 19 0 0.1 0.1 S 26208 628 4 2476 6552 15:29:47 01:08:46 00:00:07 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
29845 13228 httpd nobody ? 19 0 0.1 0.1 S 26168 623 2 2436 6542 15:38:19 01:00:14 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
14248 13228 httpd nobody ? 19 0 33.2 0.1 R 26164 620 0 2432 6541 Jan 25 2-18:33:12 22:08:13 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28969 13228 httpd nobody ? 19 0 0.1 0.1 S 26164 619 6 2432 6541 15:37:02 01:01:31 00:00:06 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
14281 13228 httpd nobody ? 19 0 33.0 0.1 R 26152 710 4 2420 6538 Jan 25 2-18:33:11 21:57:57 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28951 13228 httpd nobody ? 19 0 0.1 0.1 S 26148 617 6 2416 6537 15:37:02 01:01:31 00:00:06 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28338 13228 httpd nobody ? 19 0 0.1 0.1 S 26140 629 6 2408 6535 15:36:38 01:01:55 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28885 13228 httpd nobody ? 19 0 0.1 0.1 S 26140 628 4 2408 6535 15:37:00 01:01:33 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28337 13228 httpd nobody ? 19 0 0.1 0.1 S 26140 626 8 2408 6535 15:36:38 01:01:55 00:00:06 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28770 13228 httpd nobody ? 19 0 0.1 0.1 S 26140 623 2 2408 6535 15:36:53 01:01:40 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28783 13228 httpd nobody ? 19 0 0.1 0.1 S 26136 624 4 2404 6534 15:36:54 01:01:39 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28797 13228 httpd nobody ? 19 0 0.1 0.1 S 26136 621 6 2404 6534 15:36:54 01:01:39 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
14300 13228 httpd nobody ? 19 0 33.0 0.1 R 26120 714 4 2388 6530 Jan 25 2-18:33:11 22:00:06 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
19406 13228 httpd nobody ? 19 0 33.2 0.1 R 26120 702 8 2388 6530 Jan 25 2-18:29:51 22:05:58 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
14286 13228 httpd nobody ? 19 0 32.9 0.1 R 26112 715 2 2380 6528 Jan 25 2-18:33:11 21:54:58 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
29064 13228 httpd nobody ? 19 0 0.1 0.1 S 26104 624 8 2372 6526 15:37:09 01:01:24 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28785 13228 httpd nobody ? 19 0 0.1 0.1 S 26100 608 0 2368 6525 15:36:54 01:01:39 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28796 13228 httpd nobody ? 19 0 0.1 0.1 S 26092 621 6 2360 6523 15:36:54 01:01:39 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28767 13228 httpd nobody ? 19 0 0.1 0.1 S 26092 612 4 2360 6523 15:36:53 01:01:40 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
15110 13228 httpd nobody ? 19 0 0.2 0.1 S 26092 599 2 2360 6523 16:04:35 33:58 00:00:04 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
28939 13228 httpd nobody ? 19 0 0.1 0.1 S 26076 618 8 2344 6519 15:37:02 01:01:31 00:00:05 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
13235 13228 httpd nobody ? 19 0 32.9 0.1 R 26056 767 2 2324 6514 Jan 25 2-18:33:39 21:54:14 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
21777 13228 httpd nobody ? 19 0 33.4 0.1 R 26052 556 8 2320 6513 Jan 25 2-18:21:53 22:12:45 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
24646 13228 httpd nobody ? 19 0 33.4 0.1 R 26048 664 4 2316 6512 Jan 25 2-18:29:22 22:13:45 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
21395 13228 httpd nobody ? 19 0 33.3 0.1 R 26044 614 4 2312 6511 Jan 25 2-18:22:01 22:07:04 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
2752 13228 httpd nobody ? 19 0 32.3 0.1 R 26028 632 0 2296 6507 Jan 26 2-10:33:30 18:55:04 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
26126 13228 httpd nobody ? 19 0 33.3 0.1 R 26028 606 0 2296 6507 Jan 25 2-18:19:01 22:07:13 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
11151 13228 httpd nobody ? 19 0 32.3 0.1 R 26028 600 8 2296 6507 Jan 26 2-10:23:16 18:54:59 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
14259 13228 httpd nobody ? 19 0 33.2 0.1 R 26028 590 4 2296 6507 Jan 25 2-18:33:12 22:08:40 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
15025 13228 httpd nobody ? 19 0 33.2 0.1 R 26028 586 8 2296 6507 Jan 25 2-18:26:26 22:07:22 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
21396 13228 httpd nobody ? 19 0 33.4 0.1 R 26028 554 0 2296 6507 Jan 25 2-18:22:01 22:13:09 /usr/local/apache/bin/httpd -f /usr/ local/zyxel-gui/httpd.conf -k graceful -DSSL
14180 13228 httpd nobody ? 19 0 33.3 0.1 R 25928 532
Router> debug system show cpu status
CPU utilization: 99 % (system: 3 %, user: 71 %, irq: 0 %, softirq 25 %)
CPU utilization (1 minute): 99 % (system: 1 %, user: 81 %, irq: 0 %, softirq 17 %)
CPU utilization (5 minute): 99 % (system: 1 %, user: 83 %, irq: 0 %, softirq 15
how to restart httpd or kill it?
how to restart httpd or kill it?
0
Accepted Solution
-
Hello cuong,This behavior is caused by the device receives huge HTTP requests when web auth is enabled, resulting in daemon busy and high CPU rate.We have suggestions to help relieve this issue, it's a usual workaround for some customers.1. Limit the HTTP connection per IP, please input the commandRouter(config)# ip http max-connection-per-ip 15Router(config)# write2. Bypass some domain in web authaddress-object micro_service fqdn *.events.data.microsoft.comaddress-object ov_google_it fqdn google.itaddress-object ov_aus5_mozilla_org fqdn *.mozilla.orgaddress-object ov_detectportal_firefox_com fqdn detectportal.firefox.comaddress-object mozilla_net fqdn *.mozilla.netobject-group address webauth_dst_bypass_fqdn_groupaddress-object ov_google_itaddress-object ov_aus5_mozilla_orgaddress-object ov_detectportal_firefox_comaddress-object mozilla_netweb-auth policy 1 (Add on first rule)destination webauth_dst_bypass_fqdn_groupauthentication-type default-web-portaldescription Regola per bypass browser issue loginactivate!
If the issue still exists, please provide remote access through private message, thanks.
James0
Zyxel Employee
All Replies
-
Looks like your router is running a corrupted configuration. If your router does not return to normal operation by rebooting it (power off and on again), you may want to consider reinstalling with a default firmware.0
-
Are there many users did not authorised by Web Authentication function?0
-
disable remote admin for a while, then design a lesser permissive security policy for remote admin0
-
Hello @cuongDo you enable the Web Auth feature? If so, is it happen when a lot of users connect for authentication?0
-
Do you enable the Web Auth feature? -->yesZyxel_James said:Hello @cuongDo you enable the Web Auth feature? If so, is it happen when a lot of users connect for authentication?If so, is it happen when a lot of users connect for authentication? i don't think so. Number of login users:157
And how to check how many users connected via CLI.
0 -
Hello @cuong,To check how many users logged onto the system, the command isRouter# show users countTo check the information about the user logged onto the system, the command isRouter# show users allPlease reproduce the issue and provide diag-info when the CPU rate is high, thanks.0
-
Hello cuong,This behavior is caused by the device receives huge HTTP requests when web auth is enabled, resulting in daemon busy and high CPU rate.We have suggestions to help relieve this issue, it's a usual workaround for some customers.1. Limit the HTTP connection per IP, please input the commandRouter(config)# ip http max-connection-per-ip 15Router(config)# write2. Bypass some domain in web authaddress-object micro_service fqdn *.events.data.microsoft.comaddress-object ov_google_it fqdn google.itaddress-object ov_aus5_mozilla_org fqdn *.mozilla.orgaddress-object ov_detectportal_firefox_com fqdn detectportal.firefox.comaddress-object mozilla_net fqdn *.mozilla.netobject-group address webauth_dst_bypass_fqdn_groupaddress-object ov_google_itaddress-object ov_aus5_mozilla_orgaddress-object ov_detectportal_firefox_comaddress-object mozilla_netweb-auth policy 1 (Add on first rule)destination webauth_dst_bypass_fqdn_groupauthentication-type default-web-portaldescription Regola per bypass browser issue loginactivate!
If the issue still exists, please provide remote access through private message, thanks.
James0
Master Member
Guru Member
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 52 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight
