Operational Defect Database
BugZero found this defect 2103 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3bcSAA
Firebox M440 can drop packets under high traffic load
Last update date:
8/16/2018
Affected products:
Firebox M440
Affected releases:
All
Fireware
12.x
12.0.x
12.1.x
12.1
12.1.1
12.1.3
12.2.x
12.3.x
Fixed releases:
All
Description:
Issue
The Firebox M440 can drop packets under high load. This can happen if high load occurs simultaneously on multiple interfaces that share the same internal communication channel.
Workaround/Solution
To avoid dropped packets, allocate network interfaces as described below. On the Firebox M440 interfaces 1 - 24 internally connect to a 24 port switch chip.There are four physical channels from the switch chip to the CPUs. Each channel handles communication for six interface ports. To optimize performance and minimize packet loss, we recommend that you utilize the interfaces in a way that evenly balances the traffic across the four channels.When you plan interface allocation, you can think of these channels as buckets that you want to fill as evenly as possible. Below is a list of the interface ports in each bucket. M440 Interface NumbersBucket 11, 5, 9, 13, 17, 21Bucket 22,6,10,14,18,22Bucket 33,7,11,15,19,23Bucket 44,8,12,16,20,24 Note that interfaces 0, 25, and 26 do not connect to the same switch chip and so are not part of this allocation. When you choose which interfaces to enable, choose one from each bucket before you choose another from a bucket you have previously chosen from. You can also take expected traffic loads into consideration. For example you could assign a volume of 1 unit of ‘water’ to a lightly loaded interface, 2 for medium, 3 for high, and 5 if an interface is used for clustering. Start with the highest load interfaces and choose a port, then ‘fill’ that bucket with the units of ‘water’ for that port. Keep doing this, each time selecting the next interface from the bucket with the least amount of ‘water’ in it.Another recommendation is to choose interfaces from each bucket in order, starting from either the lowest or highest interface number in the bucket. For example, if you picked interface 11 from bucket 3, your next pick from that bucket should be either interface 7 or 15 depending on whether you are counting up or down. In this example, do not skip over 15 and pick 19.
