Operational Defect Database
BugZero found this defect 46 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Fortinet | 936747
Connections per second (CPS) performance of SIP sessions accepted by hyperscale firewall policies with EIM and EIF disabled that include overload with port block allocation (PBA) GCN IP pools is lower than expected.
Last update date:
8/31/2023
Affected products:
FortiFirewall FFW-1801F
FortiFirewall FFW-2600F
FortiFirewall FFW-3980E
FortiFirewall FFW-4200F
FortiFirewall FFW-4400F
FortiFirewall FFW-4401F
FortiFirewall FFW-4801F
FortiFirewall FFW-VM64
FortiFirewall FFW-VM64-KVM
FortiGate FG-1000D
FortiGate FG-1000F
FortiGate FG-1001F
Affected releases:
7.2.8
7.4.1
Fixed releases:
7.0.15
7.4.2
Description:
Connections per second (CPS) performance of SIP sessions accepted by hyperscale firewall policies with EIM and EIF disabled that include overload with port block allocation (PBA) GCN IP pools is lower than expected.Workaround: enter the following command for each NP7 processor to resolve the performance issue.# diagnose npu np7 setreg nss.nss_thrd_ctrl.thrd_ctrl 0xFWhere is the NP7 processor number. NP7 processors are numbered 0, 1, 2, and so on.The configuration changes from entering these diagnose commands are reset if the FortiGate restarts. After a system restart, just re-enter the diagnose commands.
