For example if most of your traffic is between your external and your DMZ interfaces (you are hosting a lot of web servers?) you should make sure this traffic remains on the same NPU.
To figure out which port is assigned to which NPU use the following command:
#get hardware npu <model> list
So if you have a model with NP4s use
#get hardware npu np4 list
Your output will be similar to the one below depending on your model firewall.
In the below example you might want to connect port25 to the Internet and port26 to the DMZ to keep that traffic on a single NPU.
# get hardware npu np4 list
|
ID Model Slot Interface
|
0 On-board port1 port2 port3 port4
|
port5 port6 port7 port8
|
port9 port10 port11 port12
|
port13 port14 port15 port16
|
port17 port18 port19 port20
|
port21 port22 port23 port24
|
1 On-board port25 port26 port27 port28
|
port29 port30 port31 port32
|
port33 port34 port35 port36
|
port37 port38
|
you can also prioritize your Session setup rate. depend on which device. IE the 1240, Ports 1,5,9,13,17,21,25,29,33,37,41,45
ReplyDeleteshould be avoided as they are aligned to CPU1 which also does the session setup.