This was mentioned in my book, whether disabling CoreXL on a 2-core system is desirable will depend on a lot of factors.
With CoreXL enabled, the split is 2/2 with the two cores each acting as both an SND and Firewall Worker (kernel instance). While both cores are having to pull double duty and constantly switch context/roles, it does allow more than just one core to process traffic should a large majority of it get concentrated in either the Accelerated Path (handled by SND) or the Medium/Firewall Paths (handed by Firewall Workers). It also allows both cores to empty NIC ring buffers in a timely fashion and help avoid RX-DRP frame loss.
However if CoreXL is disabled, core 0 becomes just a SND and core 1 is just a Firewall Worker. The coordination overhead of CoreXL between multiple Firewall Workers, and the coordination overhead of SecureXL between multiple SNDs is no longer present, thus freeing up a fair amount of CPU time to potentially move more traffic. The downside is that if one core or the other gets fully saturated doing whatever it is doing, the other core cannot help at all thus creating a bottleneck while all possible CPU resources are not being fully utilized.
As mentioned in my book, the only way to determine if disabling CoreXL will help (which is essentially going to a 1/1 split) is to carefully baseline CPU utilization and network error counters with CoreXL enabled, then disable it and see what happens to CPU utilization and network error counters. Disabling CoreXL on a 2-core system may help overall performance or it may not.
New 2-day Live "Max Power" Series Course Now Available:
"Gateway Performance Optimization R81.20" at maxpowerfirewalls.com