No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

Knowledge Base

IP addresses are too centralized regularly leads to E8080 firewall session distributed uneven in each business board

Publication Date:  2012-11-21  |   Views:  2  |   Downloads:  0  |   Author:  SU1000722738  |   Document ID:  EKB1000019920


Issue Description

In a testing process, use smartflow 600B tester test firewall’s throughput. Firewall is four interface boards and four business boards full matching, from the tester connected to four roads gigabit flow two-way pass through the firewall, the four roads flow distributed in 4 blocks interface boards, the total is 8G flow. Under normal circumstances should be forwarded in line speed, but the firewall packet loss seriously, and sometimes even appeared the throughput of small packet is better than the throughput of big packet.

Alarm Information


Handling Process

1, first of all checking whether each interface board and fire wall board is normal. Input “display device”, the results shows that all boards have been registered, they are normal.
2, only use one road flow pass through the firewall to check each interface board, found they all can be forwarded in line speed, namely the boards are all normal.
3, use “display firewall session table slot 5/6/7/8” check each business board’s session table, discovered that all session are concentrated in the same business board. Problems are positioned, because all the sessions are processed by the same business board, caused the single business board performance bottleneck, so packet loss seriously. And E8080 firewall default through the source and destination to hash get value, according to the value distributes sessions to the corresponding business board to process, due to the IP addresses used for testing are too regular and concentrated, leading to the hash values are the same, all the sessions are assigned to the same business board for processing.
4, modify the source and destination IP of each flow in smartflow, or change the firewall’s HASH mode (firewall load-balance hash destination/destination-source/source) for source or destination. Check the session table of each business board, session distributed evenly. Then use tester play flow, firewall can achieve line speed to forward.

Root Cause

1, product performance problems.
2, configuration error.
3, other causes.


E8080 firewall will hash the session address information to a value according to the set hash mode, according to the value assign to the corresponding business board to process. If the source IP and destination IP are too concentrated, may lead to all the sessions concentrated to the same business board. At this time can plus one at the end of the IP address, through which can change the business board that treatments the session.