[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Akamai caches hammering Sophos XG firewalls

Subject: Akamai caches hammering Sophos XG firewalls
From: niels=nanog at bakker.net (Niels Bakker)
Date: Mon, 5 Feb 2018 19:59:36 +0100
In-reply-to: <CAKkPQBtxe-4FaMpiRFb-jsHjrDeiZ0M+V0Ync7yLuKexkqO3Lg@mail.gmail.com>
References: <CAKkPQBtxe-4FaMpiRFb-jsHjrDeiZ0M+V0Ync7yLuKexkqO3Lg@mail.gmail.com>

* jeremyparr at gmail.com (Jeremy Parr) [Mon 05 Feb 2018, 18:28 CET]:
>Somewhat OT, but before I was a jack of all trades enterprise 
>sysadmin, I was a jack of all trades ISP sysadmin.
>
>I'm seeing an issue at a few sites where I have Sophos XG firewalls 
>deployed where the XG gets hammered on it's WAN interface by Akamai 
>hosts with TCP re-transmissions. Anyone at Akamai who may have some 
>background on this issue please reach out to me. The hosts currently 
>in question are 24.244.145.137 and 24.244.145.139, but I suspect 
>that is only due to these being closest to me, colocated at my ISP 
>AS15146.

Chances are your firewall cannot keep enough state in memory and 
starts complaining about packets because it's missing sessions.


	-- Niels.

References:
- Akamai caches hammering Sophos XG firewalls
  - From: jeremyparr at gmail.com (Jeremy Parr)

Prev by Date: improving signal to noise ratio from centralized network syslogs
Next by Date: 40G reforming
Previous by thread: Akamai caches hammering Sophos XG firewalls
Next by thread: Console Servers & Cellular Providers
Index(es):
- Date
- Thread