I have deployed six clusters of SRX220Hs and a cluster of SRX240s. After installing IDP (or even just deactivating and reactivating it in the config), in nearly every deployment the eventd process goes haywire after a few days and causes a huge performance bottleneck. The bottleneck isn't caused by IDP itself, but by the eventd process. Issuing a "restart event-processing" fixes the issue temporarily, but after some time it goes right back to craziness. Is anyone else experiencing this problem? I'm running a complete mix of releases (11.4R6 to 11.4R8.6, and even 12.1 on one of the clusters), so it's not specific to a version.
This is what I'm seeing:
--------------------------------------------------------------------------
last pid: 87405; load averages: 0.02, 0.04, 0.00 up 71+19:04:40 22:24:04
103 processes: 15 running, 76 sleeping, 1 zombie, 11 waiting
Mem: 116M Active, 106M Inact, 589M Wired, 109M Cache, 112M Buf, 49M Free
Swap:
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
1154 root 5 76 0 498M 49184K select 0 1905.2 7615.67% flowd_octeon_hm
902 root 1 76 0 12624K 4640K select 0 1:24 338.33% eventd
22 root 1 171 52 0K 16K RUN 0 1490.1 84.18% idle: cpu0
24 root 1 -20 -139 0K 16K RUN 0 869:43 0.00% swi7: clock
5 root 1 -16 0 0K 16K rtfifo 0 432:34 0.00% rtfifo_kern_recv
--------------------------------------------------------------------------
last pid: 40009; load averages: 0.06, 0.11, 0.07 up 29+22:50:05 13:00:15
136 processes: 17 running, 107 sleeping, 1 zombie, 11 waiting
Mem: 166M Active, 138M Inact, 586M Wired, 37M Cache, 112M Buf, 43M Free
Swap:
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
898 root 1 76 0 12580K 4488K select 0 12:34 639.06% eventd
1264 root 5 76 0 498M 49188K select 0 806.4H 99.95% flowd_octeon_hm
22 root 1 171 52 0K 16K RUN 0 596.5H 79.69% idle: cpu0
24 root 1 -20 -139 0K 16K RUN 0 499:11 0.00% swi7: clock
5 root 1 -16 0 0K 16K rtfifo 0 201:53 0.00% rtfifo_kern_recv
1155 root 1 76 0 12296K 6216K select 0 133:30 0.00% license-check
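For anyone wanting to check their own boxes, the commands I'm using are just the standard operational-mode ones (the top output above comes from "show system processes extensive"; nothing exotic):
--------------------------------------------------------------------------
show system processes extensive | match eventd     <- check eventd's WCPU
restart event-processing                           <- clears it, but only temporarily
--------------------------------------------------------------------------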