I’m trying to monitor high values for softirq latency for NET_RX
Sometimes I get ~500ms but I don’t see increased ping. Is this expected?
P.s. I see problems starting once it reaches 1s+ is this expected?
Welcome!
I’m not actually sure if we’d be able to answer that one and im sure its maybe one of those “it depends” answers most likely.
Did you dig into it any more yourself?
Can you describe the workload on the node a little too?
Yes I’m digging into this almost every few days.
It appears as some type of dos attack. Attaching screenshot. During attack connection tracker connections are increasing rapidly however that’s really small numbers. I’m achieving much more. Somehow with 26k connections attacker can saturate enough CPU to slow down 1 NIC queue…
I’m looking into ways to investigate this kernel cpu usage somehow.
I’ve changed apps_groups.conf
and split kernel into more groups so it would be clear next time what is generating high cpu load from kernel