Overview
You have an Ignored Traffic Policy set up on your Exinda. However, you find that when the ignored policy traffic goes high, it seems to affect the livestream traffic on Exinda and you get traffic loss and drop in performance.
- Issue remains the same even when optimizer is stopped
- If the Exinda is bypassed completely so it's not in the path, high traffic on the ignored policy does not impact livestream traffic
- You have confirmed that the combined traffic (high traffic on ignored policy + livestream traffic) is within your ISP bandwidth limit
Solution
One of the reasons for this issue could be a high number of total connections for your Exinda, which can cause performance issues during times of high traffic.
Before proceeding with the solution steps, please confirm the following:
- PPS (Packets per size) is within limits for your Exinda appliance. You can check the PPS Summary in the PDF Monitor Report
- RAM and CPU usage (check PDF report) is not too high
Solution steps:
- Check the total connections (from the PDF report) and see if they are going above the limits for your Exinda, and also check for the number of ignored/aborted/refused connections.
For instance, in the below example, the number of internal hosts connections was going above the appliance limit of 1.2 million, and the number of ignored/aborted/refused connections was also found to be high.
- Exinda cannot act as a firewall hence cannot do much with controlling the connections, but resource management can be improved by executing the below commands in CLI - this will prevent the collection of statistics for ignored connections.
en
conf t
ddos tcp ignore - If your license bandwidth > 1.2 Gbps, ensure that the queuing mode for your device is multi-mode. Please read this article for the steps for checking and changing the queuing mode- Queuing Modes in Exinda.
If the above steps do not resolve the issue, please contact Exinda Support with a diagnostic file and a PDF report for investigation and analysis.