M370 struggled to keep up with packets per second
Yesterday we had a large attack that hit our M370 Active Passive Firecluster.
The traffic was not huge in bandwidth but there was a lot of packets per second. This caused our M370’s to have kernel exceptions and a lot of packet loss as (I think) the CPU was going crazy on the units. I managed to get them both upgraded to 12.5.4 which stopped the Kernel Exceptions but the CPU was still crazy high.
The traffic was all “egp”, “pim” & “gre” packet types and got handled by our “Unhandled External Packet” policy.
This surely should not have floored our Watchguards? Support weren’t amazing as once they got on they said the CPU looked normal (which it was as the attack had subsided).
Am I missing something?