Hi Guys ,
I found that Proxy restarted on 4th June and core file was generated . Proxy restarted for below error PG_HEALTH_CHECKS" and HC Watchdog" in "" at .text+0x0 from sysinfo .
Core Image
URL_Path /CM/Core_image/Details?All
Title ProxySG Appliance Core Image Details
Version 10.0
Core Header:
Running Version: SGOS 6.5.9.10, Release id: 190139
Produced on Monday June 4 2018 08:55:55
Size on disk is 283862528 bytes.
Minicontext produced on: 2018-06-04 08:55:55+00:00UTC
Minicontext version: 1.5
ProxySG Appliance: Version 6.5.9.10.190139
Architecture: x86_64
Kernel: Multiprocessor
System image flags: Customer, Optimized, Non-GDB, 64-bit
Hardware exception code: 0x0
Software exception code: 0x3a0004
Page fault linear address: 0x0
Process group: "PG_HEALTH_CHECKS"
Process: "HC Watchdog" in "" at .text+0x0
++ Maximum recommended forwarding hosts on ProxySG
https://support.symantec.com/en_US/article.TECH247222.html
https://symwisedownload.symantec.com//resources/sites/SYMWISE/content/live/DOCUMENTATION/10000/DOC10585/en_US/PDF_PBP.pdf?__gda__=1529009669_e058e2a4662d3420f56bcf1084214740
Also i found TCP_AUTH_REDIRECT DENIE” logs and CPU highly utilized by too many SSL & Cryptography.
Whch one the cause for High CPU ?
“Forwarding TCP tunneled requests can be done with Policy rewrite without the use of a forwarding host.”
So we have to create new TCP tunneled to optimize forwarding policy, is that correct?
Also I have a few concern questions below.
- Will it has any affect to user after we apply this configuration?
- Is this the correct solution for KTAXA proxy? Because I thought we have an issue about CPU highly utilized by too many SSL & Cryptography.
- What about “TCP_AUTH_REDIRECT DENIE” that you mentioned in previous email? How to disable? Will it has any affect to user experience?