USG60 firmware v4.39 session count increasing every day - bug?
WvandeHoef
Posts: 22 Freshman Member
Over the last week I had users complaining they could connect to the network, but not to the internet. Checking the USG log I saw a lot of Session Limit messages stating the session count was exceeded. Looking at the current session by IP I was not able to pinpoint this at a specific machine.
I had UDP Session time at 60 sec and sessions limit by host at 2000.
To test I increased the sessions limit by host to 3000 and reduced the UDP Session timeout to 30s. After this the users could connect again, until yesterday when the same issue was back. I now set the session limit to 0 until I have found what is the issue.
When checking the conntrack on the console I do not see that many sessions.
No new machines have connected to our network over the last month. I have disconnected the machines with the maximum sessions in the sessions by host overview to see if the number of active sessions reduced, but this was not the case.
As there have not been huge changes I am now at the point to go back to firmware v4.38 to see if that solves my issue, as in v4.35 and v4.38 we did not have this issue.
Find below the graphs with increasing session count over time by firmware version.
Firmware v4.35
Firmware v4.38 loaded June 8th, 2020
Firmware v4.39 loaded August 30th, 2020
Current system info:
Current session overview
Current Conntrack attached
If there is a way to see why the session count is so high and what process/service/IP is causing this, please let me know and I will update this thread.
Regards,
Wouter
I had UDP Session time at 60 sec and sessions limit by host at 2000.
To test I increased the sessions limit by host to 3000 and reduced the UDP Session timeout to 30s. After this the users could connect again, until yesterday when the same issue was back. I now set the session limit to 0 until I have found what is the issue.
When checking the conntrack on the console I do not see that many sessions.
No new machines have connected to our network over the last month. I have disconnected the machines with the maximum sessions in the sessions by host overview to see if the number of active sessions reduced, but this was not the case.
As there have not been huge changes I am now at the point to go back to firmware v4.38 to see if that solves my issue, as in v4.35 and v4.38 we did not have this issue.
Find below the graphs with increasing session count over time by firmware version.
Firmware v4.35
Firmware v4.38 loaded June 8th, 2020
Firmware v4.39 loaded August 30th, 2020
Current system info:
Current session overview
Current Conntrack attached
If there is a way to see why the session count is so high and what process/service/IP is causing this, please let me know and I will update this thread.
Regards,
Wouter
0
Comments
-
Hi @WvandeHoef,
Is SSO enabled on this USG60?
Could you give us the remote access of this USG60 to check the session usage in private message?
0 -
Hi Emily,
No, SSO is not used. I will send you the details in a private message.0 -
I have exactly the same issue regarding this indicator ....
any news about that ?0 -
It is confrmed to be an v4.39 issue and once I switched back to v4.38 the session count is stable again.0
-
same problem on 4.39 with USG40w.
0 -
0
-
I have the same issue with USG40.
Firmware, what I have is: 4.39(AALA.0) 2020-07-31 07:54:31.
After 27 days of uptime, Session Usage- counter shows now more than 17 000 sessions.
Pretty impressive amount for two laptops, two iPhones, iPad, two smartTVs and for a couple of WiFi enabled household devices.
Monitor->System Status->Session Monitor shows:
- 9 active devices
- Some 50 sessions
No torrents, etc P2P apps are used. Both IDP and Content Filter 2.0 licenses have been activated.
When I use command "debug system show conntrack" it shows mostly DNS sessions.
My 5 cents out of this:
I have made a NAT setting for DNS queries coming from my lan1 to USG40.
- Incoming Interface: lan1
- Source IP: any
- External IP: any
- Internal IP: User Defined
- User defined Internal IP: 10.0.1.1 (my USG40 address)
- Port mapping type: port
- Protocol type: any
- External port: 53
- Internal port: 53
And I have DNS Domain Zone Forwarder to Public DNS Server 1.1.1.1
Could it be that somehow the Session Usage- counter is not removing the redirected DNS sessions? Behavior was not the same with 4.38 and earlier firmware versions
Kelmi0 -
Hi @kelmi,You can follow the suggestion from @PeterUK to upgrade USG40 to 4.39WK38.
Weekly Firmware / Support Version / Lab VersionIf the session usage is still high after firmware upgrade, send the remote access of your USG40 to me in private for further analysis.0 -
Zyxel_Emily said:Hi @kelmi,You can follow the suggestion from @PeterUK to upgrade USG40 to 4.39WK38.
Weekly Firmware / Support Version / Lab VersionIf the session usage is still high after firmware upgrade, send the remote access of your USG40 to me in private for further analysis.
I believe I'm not the only one to have a kind of status update from Zyxel side, how do you see the issue and when to expect an official fix for the topic? In my case, the session counter is now in 22000 (for 10 machines or so) and increasing. Meaning in two months uptime, a reboot is needed, which is a topic of its own from company policy point of view.
Kelmi
0 -
Hi @kelmi,The fix is also merged to the upcoming official release 4.60.It will be released in early November 2020.0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 145 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.6K Security
- 240 USG FLEX H Series
- 268 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 385 News and Release
- 83 Security Advisories
- 28 Education Center
- 9 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 72 Security Highlight