Our Core firewall Data plane CPU reaching to 99% , When we checking the traffic logs some MS-SQL application getting high usage, and system logs are showing "dataplane under severe load palo alto".
Pan os : 8.1.15-h3 ,Device : PA 5050.
Kindly let us know any solutions for this.
Vishnu PS.
Yes , Not find anything related to our issue.
PAN-119862 This issue is now resolved. See PAN-OS 8.1.11 Addressed Issues
(PA-5050 firewalls only) There is an intermittent issue where an out-of-memory (OOM) condition causes the dataplane or internal path monitoring to stop responding.
Please let me know above mentioned pan bug related our issue.?
`debug dataplane pool statistics` Have you checked the release notes for 8.1 known issues?
Are all cores high, or only a few? What do your packet buffers look like (the fields right after the list of core loads) Have you checked software pools to see if there is memory pool depletion?
if you suspect the MS-SQL is causing the high load, you can try 2 approaches:
first see if you can determine where most of the load is coming from: are 'clients' sending a lot of payload TO the SQL server, or is the server supplying a lot of payload to the clients
In the latter case, you could set your security rule to (Disable Serer Response Inspection (DSRI)
This will significantly reduce processing on s2c packets
If most of the load originates from clients (c2s) you may want to consider creating an app-override to disable all scanning on these sessions