Re: MDS 81.10 Takt 152 - CPD process N/A only one...

Supporto_Checkp · ‎2024-07-08

Hi ,we have a strange issue with only one of our domain, this is a mdsstat

CPM: Check Point Security Management Server is running and ready

+------+--------------------+-----------------+-------------+-------------+-------------+-------------+-------------+
| Type | Name | IP address | FWM | FWMHA | FWD | CPD | CPCA |
+------+--------------------+-----------------+-------------+-------------+-------------+-------------+-------------+
| MDS | - | ipmds | up 56719 | up 56724 | up 56648 | up 14784 | up 57303 |
+------+--------------------+-----------------+-------------+-------------+-------------+-------------+-------------+
| CMA | domain1 | ip1 | up 47788 | up 48329 | up 46541 | up 41890 | up 53493 |
| CMA | domain2 | ip2 | up 45287 | up 46518 | up 44012 | up 41892 | up 53334 |
| CMA | domain3 | ip3 | up 46530 | up 47789 | up 45360 | up (N/A) | up 53335 |
| CMA | domain4 | ip4 | up 45288 | up 46532 | up 44013 | up 41887 | up 53331 |
| CMA | domain5 | ip5 | up 46540 | up 47849 | up 45358 | up 41891 | up 53333 |

"mdsstop_customer domain3" doesn't work, it remain stuck without stopping the domoain
the same command on other domains works.

We recently installed the jumbo take 152 because we had an issue regarding zombie processes and this issue too, the jumbo solved the zombie process spawning but not this one.

we tried to reboot the mds ,it works for some hours but then the CPD process is still in N/A.

$CPDIR/log/cpd.elg doesnt' show anything useful for us and for the TAC .
only strange messages are
t.so], Function offset [0x139a0].
[CPD 14784]@mds[8 Jul 8:29:40] Warning:cp_timed_blocker_handler: A handler [0xf56a71c0] blocked for 6 seconds.
[CPD 14784]@mds[8 Jul 8:29:40] Warning:cp_timed_blocker_handler: Handler info: Library [/opt/CPshrd-R81.10/lib/libosstatagent.so], Function offset [0x41c0].

any help will be appreciated 🙂

the_rock · ‎2024-07-08

Weird shows as up, but n/a. Did you run cpd debug as per below (mds part)?

Andy

https://support.checkpoint.com/results/sk/sk86320

Supporto_Checkp · ‎2024-07-08

hi ,i can't do for the specified domain because even mdsenv domain3 remain stuck and give no output at all.

other useful info, a cpwd_admin list show that the process is running,
CPD.domain3 181457 E 1 [15:51:04] 2/7/2024 N cma_with_wd domain3 '/opt/CPmds-R81.10/customers/domain3/CPshrd-R81.10/bin/cpd'

the_rock · ‎2024-07-08

Understood. I did find couple of older sk's, though its for R80.10 and R80.20, which are EOL. It says CP has hotfix for such an issue, so you may want to ask TAC if same applies to R81.10 as well.

Andy

Supporto_Checkp · ‎2024-07-08

can you give me the SK number ?

the_rock · ‎2024-07-08

Similar...

https://support.checkpoint.com/results/sk/sk123722

https://support.checkpoint.com/results/sk/sk114936

Peter_Lyndley · ‎2024-07-09

i've seen this before where you have a duplicate process running (for some reason).

The only way to find it is to run ps -ef |grep domain3

Then kill -9 xxxxx, where xxxxx is the process number you want to kill. if mdsstop_ customer is not working , then you may have to kill all processes related to domain3. Then mdsstart_customer domain3.

thanks

Peter

Supporto_Checkp · ‎2024-07-09

we don't have duplicate process regarding CPD , we had with jumbo 139 but not with Take 152

Peter_Lyndley · ‎2024-07-09

its not necessarily the cpd process that might be duplicate.

the_rock · ‎2024-07-09

Hey Peter,

Im wondering, say if that was really the case, would not reboot take care of it?

Andy

Supporto_Checkp · ‎2024-07-09

we did ,but after few hours the cpd was in N/A from mdsstat but with a valid pid from cwpd_admin list.
really strange. for the TAC the hcp update should be the key

the_rock · ‎2024-07-09

Let us know what they say.

Andy

Peter_Lyndley · ‎2024-07-09

you would hope so, but it was mentioned that 'it worked for some hours', so i wasnt 100% sure

the_rock · ‎2024-07-09

Its never easy to tell with standalone setup, thats why I was never big fan of it.

Andy

Supporto_Checkp · ‎2024-07-09

we don't have a standalone setup

the_rock · ‎2024-07-09

Sorry, I replied thinking of the other post similar to this, that involved standalone, apologies.

Andy

Olavi_Lentso · ‎2024-07-09

We have the same issue and it started after installing jumbo take 150 + custom hotfix for sk182370.

Supporto_Checkp · ‎2024-07-09

we had with Take 139 too,the update to take 152 was useless ,and even force the update of the HCP to version 73.
Finger crossed, at the moment we are all crawling in the dark

the_rock · ‎2024-07-09

Did you mention those sk's to TAC?

Andy

Supporto_Checkp · ‎2024-07-09

yep,we are waiting if the update of the HCP with a private packate will solve.finger crossed

the_rock · ‎2024-07-09

Lets hope so...

Supporto_Checkp · ‎2024-07-09

CPD on that domain is still up ,so ...maybe... let's wait until tomorrow to be sure

CheckPointerXL · ‎2024-08-01

i fixed in this way:

ps -aux | grep DOMAIN | grep cpd
kill -9 PID
mdsstop_customer IP-DOMAIN
mdsstart_customer IP-DOMAIN

Olavi_Lentso · ‎2024-08-01

According to the TAC hcp updates since 03 July should fix this problem.

AleLovaz82 · ‎2024-10-02

this fixed the issue

AleLovaz82 · ‎2024-10-02

too easy to be the solition , anyway not workig for us

Are you a member of CheckMates?

MDS 81.10 Takt 152 - CPD process N/A only one one domain