ASM causing high CPU on bigip 3600 ltm
Hi all!
We are experiencing high CPU levels on both cores of our BigIP 3600 ltm platform after we applied the only security policy on our ASM to the http class profile on our VIPs. We are trying to come up with solutions to try to get the CPU levels down. Oddly enough, the high CPU is not causing any peformance issues with load times from our web servers.
Steps taken to try to help lower the CPU levels:
1.) Take the signature sets out of staging.
2.) Take the policy out of learing for ALL violations.
3.) Changed logging level to log nothing (from log illegal requests only).
The policy is not even in blocking mode yet, only transparent. So I am not sure what is causing the high CPU? I know ASM is the culprit because doing a 'top' on my console shows bd process using 80 - 90%. Tmm process or ltm is only avg 30 across both cores. Not sure why the ASM can't use both cores?
Has anyone in this group come acrorss issues with high CPU on their platform which you had trouble resolving? The VIPs which are security policy has been applied to averages about 3k http requests a sec.
Our BigIP is running 11.2.1 build 1042.
Thanks for anyones help/advise you can provide. Prior to adding ASM to our LBs, the CPU only avg around 20-25% during peak usage.
-Ryan