How to resolve the issue of high CPU usage when clients are connected to the LAN port only?
Scenario :
Users may encounter an issue where, when clients are connected only to the LAN port and configure the firewall through the Web-GUI, the firewall fails to connect to the WAN port, resulting in high CPU usage from time to time, as shown below:
What is the cause of this issue and how can it be resolved?
Answer :
The reason for the high CPU usage is the numerous DNS queries initiated from LAN hosts (such as browsers, background applications, or Windows update requests) that cannot be resolved successfully by the firewall due to its lack of connection to the WAN port. How can this be resolved? Please refer to the answers below:
(1). Connect to the WAN to enable successful resolution of DNS queries, which will normalize the CPU usage.
If you are unable to connect to the WAN port, please refer to answers (2) and (3).
(2). Navigate to Security Policy > Session > Restrict the session number to 100 or lower.
(3). Navigate to Security Policy > ADP >Add a LAN ADP_PROFILE and enable the UDP Flood feature.
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight