[isapros] Re: applying changes takes ages
- From: "Steve Moffat" <steve@xxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Tue, 4 Sep 2007 08:59:44 -0300
Ahhh...you never said that to me.....
Which rule.....the biggie?
S
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Greg Mulholland
Sent: Tuesday, September 04, 2007 7:43 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: applying changes takes ages
I did think of that but didn't get around to it today. Interestingly I
was leaning towards a corruption in a rule after I imported a certain
persons URL and domain sets. I'll give it a go thanks Jason.
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Jason Jones
Sent: Tuesday, 4 September 2007 8:36 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: applying changes takes ages
Have you tried doing selective exports?
Sometimes if there is a corruption, it can be found by trying to do an
export - the GUI will then sometimes hiccup and allow you to narrow down
the corruption...
Cheers
JJ
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Greg Mulholland
Sent: 04 September 2007 11:28
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] applying changes takes ages
Hey gang got an issue here I'm trying to work through.
I have an isa 2006 std box running in firewall mode that takes an
exorbitant amount of time to apply any changes. Like I'm talking 5-10
minutes.
A little background:
It's a basic win2k3 sp2 install with around 20 rules (least privilege),
a few published services like smtp,web, owa, VPN clients (pptp). I read
about an issue on multi core processors but this is pure single core. I
also read about when a number of web servers are published with multiple
link translations it can take time, but we aren't using any link
translation atm. The server seems to go CPU bound in a big way when I
apply any rule or config changes, sits around 100%. Incidentally there
are no simultaneous or subsequent ISA alters nor are there any system or
app log events fired.
I'm not sure what's pinning the CPU, the task manager doesn't give me
any real heads up on anything, the box at load is sitting around
300-500mb ram free, we've recently added a new disk for logging but in
this case I've even turned off logging for the time being to try and get
to the bottom of the performance. My gut feeling was that there was a
bad rule or something in the ruleset but I've reviewed these and they
seem to be OK. I have run an ISABPA and didn't find anything more than
the usual you are using strict rpc, and a few other red herrings. I
haven't as yet ran a sniff whilst the changes are being applied but I
would have assumed that would be somewhat fruitless anyway.
Can anyone shed any more light or give me any pov's.
Thanks
Greg
Other related posts:
