• Customer diverted additional traffic towards their IDS in a TAP configuration (external tap or shared promiscuous-mode circuit) and experienced high CPU utilization alarms on IDS/IPS blades coupled with traffic failure or latency issue.
• Messages similar to the following may appear in the logs around the time(s) the slowness or disruption is reported:

Dec 31 21:57:52 npm1 kernel: CBS_HB: [Fab-1] Missing heartbeats TO slots =0080 

Dec 31 21:57:52 npm1 kernel: xbprc: sdp-6 (slot-8) Bouncing link due to loss of heartbeats ipstat= 0481 opstat= 7811. 

ids_1 cbsvapcfgd[2902]: [W] No SDP path to NPM1 

• Under heavy load , an APM sends flow control throttling messages to the NPM. This might cause traffic interruptions or latency issues in the IDS/IPS configurations.

• An IDS that is highly utilized can cause backpressure control messages to be generated from the APM towards the NPM, thereby affecting inline traffic on a shared circuit.

Pre 9.7, contact technical support to obtain a pmmon script for the APM(s)

Post 9.7, configure the "passive" mode at the vap-group context

Workaround