Bug #14090
openSignificant State Creation Causes LACP, BGP, and Possibly Other Components to Temporarily Fail
0%
Description
When testing with a customer, when a remote host has a large number of new states being created, then transitioning to TIME_WAIT or FIN_WAIT_2, some components like LACP will leave a DISTRIBUTING state, BGP sessions will drop, and gateway latency spikes can happen due to link loss from LACP.
When blocking the states for the offending (and essentially DDoSing) host with a pf rule, the issue was no longer present on three different appliances that all had identical software versions.
There was no high load average or high CPU usage (CPU Usage maxed at 20% and load average was 0.93), the webConfigurator was functioning normally, and there was no other indication of any resource exhaustion.
This was tested on 22.05, but may be present on 23.01 as well. Further testing needed. Customer was utilizing Intel ix 10G interfaces.
No data to display