I believe I found out why the CPU ramped up but it's not conclusive at this
time. According to FW logs, at 4:45PM one of my 8 FW modules lost
connectivity for some reason, because in the FW logs it stated "log entries
were not sent to log server due to high load, logs being sent to backup".
i can only assume that the Primary mgmt station lost connectivity for a
short period of time, thus the modules were logging locally briefly.
There are about 200+ rules across all 8 modules (4 VRRP pairs). What's
weird is, if the primary management station did lose connectivity, should
the secondary have taken over the logging responsibility. I have all the
modules sending logs to both mgmt stations?
strange......
Daniel Samaan
<[EMAIL PROTECTED]
.COM> To
Sent by: Mailing [EMAIL PROTECTED]
list for INT.COM
discussion of cc
Firewall-1
<FW-1-MAILINGLIST Subject
@AMADEUS.US.CHECK [FW-1] state sync not working /
POINT.COM> high CPU/ error: "bind failed:
Address already in use"
04/27/2004 10:22
AM
Please respond to
Mailing list for
discussion of
Firewall-1
<FW-1-MAILINGLIST
@AMADEUS.US.CHECK
POINT.COM>
Running AI R54 with Build 31 with VRRP.
The Nokia's are peaking at 90% plus at random times on both the primary and
standby. I can correlate this with the ClusterXL going up/down via
SmartView Status. Thinking that state synch is causing the issue, I
rebooted the standby and now the standby is peaking at 96% with the
cphamcset process running at 96%.
running cphaprob state on the secondary, shows the primary as nonexistent.
However the cpahprob state on the primary shows the secondary as Active?
If I try and stop/start the cpha module on the secondary I get this error
from the CLI. "bind failed: Address already in use"
good thing is that traffic is not affected...maybe slow from time to
time.....Also, VRRP is always maintained, a failover never occurs..thus
VRRP is working ok to my knowledge.
thoughts....
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
