Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Supporto_Checkp
Collaborator

MDS 81.10 Takt 152 - CPD process N/A only one one domain

Hi ,we have a strange issue with only one of our domain, this is a mdsstat

CPM: Check Point Security Management Server is running and ready

+------+--------------------+-----------------+-------------+-------------+-------------+-------------+-------------+
| Type | Name | IP address | FWM | FWMHA | FWD | CPD | CPCA |
+------+--------------------+-----------------+-------------+-------------+-------------+-------------+-------------+
| MDS | - | ipmds | up 56719 | up 56724 | up 56648 | up 14784 | up 57303 |
+------+--------------------+-----------------+-------------+-------------+-------------+-------------+-------------+
| CMA | domain1 | ip1 | up 47788 | up 48329 | up 46541 | up 41890 | up 53493 |
| CMA | domain2 | ip2 | up 45287 | up 46518 | up 44012 | up 41892 | up 53334 |
| CMA | domain3 | ip3 | up 46530 | up 47789 | up 45360 | up (N/A) | up 53335 |
| CMA | domain4 | ip4 | up 45288 | up 46532 | up 44013 | up 41887 | up 53331 |
| CMA | domain5 | ip5 | up 46540 | up 47849 | up 45358 | up 41891 | up 53333 |

"mdsstop_customer domain3" doesn't work, it remain stuck without stopping the domoain
the same command on other domains works.

We recently installed the jumbo take 152 because we had an issue regarding zombie processes and this issue too, the jumbo solved the zombie process spawning but not this one.

we tried to reboot the mds ,it works for some hours but then the CPD process is still in N/A.

$CPDIR/log/cpd.elg doesnt' show anything useful for us and for the TAC .
only strange messages are
t.so], Function offset [0x139a0].
[CPD 14784]@mds[8 Jul 8:29:40] Warning:cp_timed_blocker_handler: A handler [0xf56a71c0] blocked for 6 seconds.
[CPD 14784]@mds[8 Jul 8:29:40] Warning:cp_timed_blocker_handler: Handler info: Library [/opt/CPshrd-R81.10/lib/libosstatagent.so], Function offset [0x41c0].

any help will be appreciated 🙂

0 Kudos
25 Replies
the_rock
Legend
Legend

Weird shows as up, but n/a. Did you run cpd debug as per below (mds part)?

Andy

https://support.checkpoint.com/results/sk/sk86320

0 Kudos
Supporto_Checkp
Collaborator

hi ,i can't do for the specified domain because even mdsenv domain3 remain stuck and give no output at all.

other useful info, a cpwd_admin list show that the process is running,
CPD.domain3 181457 E 1 [15:51:04] 2/7/2024 N cma_with_wd domain3 '/opt/CPmds-R81.10/customers/domain3/CPshrd-R81.10/bin/cpd'

0 Kudos
the_rock
Legend
Legend

Understood. I did find couple of older sk's, though its for R80.10 and R80.20, which are EOL. It says CP has hotfix for such an issue, so you may want to ask TAC if same applies to R81.10 as well.

Andy

0 Kudos
Supporto_Checkp
Collaborator

can you give me the SK number ?

0 Kudos
the_rock
Legend
Legend

0 Kudos
Peter_Lyndley
Advisor
Advisor

i've seen this before where you have a duplicate process running (for some reason).

The only way to find it is to run ps -ef |grep domain3

Then kill -9 xxxxx, where xxxxx is the process number you want to kill. if mdsstop_ customer is not working , then you may have to kill all processes related to domain3. Then mdsstart_customer domain3.

thanks

Peter

0 Kudos
Supporto_Checkp
Collaborator

we don't have duplicate process regarding CPD , we had with jumbo 139 but not with Take 152

 

0 Kudos
Peter_Lyndley
Advisor
Advisor

its not necessarily the cpd process that might be duplicate.

0 Kudos
the_rock
Legend
Legend

Hey Peter,

Im wondering, say if that was really the case, would not reboot take care of it?

Andy

0 Kudos
Supporto_Checkp
Collaborator

we did ,but after few hours the cpd was in N/A from mdsstat but with a valid pid from cwpd_admin list.
really strange. for the TAC the hcp update should be the key


0 Kudos
the_rock
Legend
Legend

Let us know what they say.

Andy

0 Kudos
Peter_Lyndley
Advisor
Advisor

you would hope so, but it was mentioned that 'it worked for some hours', so i wasnt 100% sure

0 Kudos
the_rock
Legend
Legend

Its never easy to tell with standalone setup, thats why I was never big fan of it.

Andy

0 Kudos
Supporto_Checkp
Collaborator

we don't have a standalone setup 

0 Kudos
the_rock
Legend
Legend

Sorry, I replied thinking of the other post similar to this, that involved standalone, apologies.

Andy

0 Kudos
Olavi_Lentso
Contributor

We have the same issue and it started after installing jumbo take 150 + custom hotfix for sk182370.

0 Kudos
Supporto_Checkp
Collaborator

we had with Take 139 too,the update to take 152 was useless ,and even force the update of the HCP to version 73.
Finger crossed, at the moment we are all crawling in the dark

 

 

0 Kudos
the_rock
Legend
Legend

Did you mention those sk's to TAC?

Andy

0 Kudos
Supporto_Checkp
Collaborator

yep,we are waiting if the update of the HCP with a private packate will solve.finger crossed

the_rock
Legend
Legend

Lets hope so...

0 Kudos
Supporto_Checkp
Collaborator

CPD on that domain is still up ,so ...maybe... let's wait until tomorrow to be sure

0 Kudos
CheckPointerXL
Advisor
Advisor

i fixed in this way:

 

ps -aux | grep DOMAIN | grep cpd
kill -9 PID
mdsstop_customer IP-DOMAIN
mdsstart_customer IP-DOMAIN

0 Kudos
Olavi_Lentso
Contributor

According to the TAC hcp updates since 03 July should fix this problem.

0 Kudos
AleLovaz82
Collaborator
Collaborator

this fixed the issue

0 Kudos
AleLovaz82
Collaborator
Collaborator

too easy to be the solition , anyway not workig for us

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events