This website uses cookies. By browsing this website, you consent to the use of cookies. Learn more.
OK
ABOUT CHECKMATES & FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Help
Rahul_Borah
Rahul_Borah
Nickel
‎2019-03-17 04:46 AM

Checkpoint R77.30 HA-Primary Active Gateway Disconnected due to high utilization

Hi All,

I have a concern about high utilization on HA gateway. From last7 days its showing high utilization and got disconnected and also not able to take cli console on that time. But HA stat showing good and traffic flow is also ok. Cluster is enable on both gatways.

Please share your exprience on this type of issues. Please share your exprience to resolve this issue.

Thaks.

HA PRI Active Gateway.JPG

 

0 Kudos
Reply
1 Reply
Timothy_Hall
Timothy_Hall
Pearl
‎2019-03-17 06:56 PM

Re: Checkpoint R77.30 HA-Primary Active Gateway Disconnected due to high utilization

The SmartView Monitor is talking to the cpd daemon running on the gateway to retrieve status.  If that daemon is dead or impaired you'll get status issues like this.  Run cpwd_admin list to see if that daemon is dying and getting restarted. 

However given that you are also reporting issues with shell access during that period it is likely that the gateway is short on memory and user-space processes like sshd will always lose if the kernel wants to use the memory.  Run free -m to check free memory. 

It could be possible that the kernel is monopolizing the CPU to the point where user-space processes are being starved out, run top to determine if this is the case.

Finally look in /var/adm/messages for disk I/O errors, a failing hard drive can cause user-space processes to malfunction occasionally but the kernel won't care because it is all loaded into and running directly from RAM.  If you see I/O errors get that hard drive replaced ASAP!

 

 

Book "Max Power 2020: Check Point Firewall Performance Optimization" Third Edition
Now Available at www.maxpowerfirewalls.com
Reply