Hi again,
I already posted a related question here: https://community.checkpoint.com/t5/Next-Generation-Firewall/Investigating-CPU-core-consumption-in-R...
Did some analyses and now realized that CoreXL connection distribution seems to not work properly anymore:
[Expert@FW:0]# fw ctl multik stat
ID | Active | CPU | Connections | Peak
----------------------------------------------
0 | Yes | 15 | 78152 | 89916
1 | Yes | 7 | 64497 | 68297
2 | Yes | 14 | 57302 | 64495
3 | Yes | 6 | 36117 | 50217
4 | Yes | 13 | 13611 | 35532
5 | Yes | 5 | 3130 | 29384
6 | Yes | 12 | 767 | 26404
7 | Yes | 4 | 548 | 25565
8 | Yes | 11 | 618 | 25357
9 | Yes | 3 | 420 | 25236
10 | Yes | 10 | 503 | 27162
These are all CoreXL CPUs carrying a very different number of connections.
[Expert@FW:0]# fw ctl multik dynamic_dispatching get_mode
Current mode is On
[Expert@FW:0]# fw ctl affinity -l -r
CPU 0:
CPU 1:
CPU 2:
CPU 3: fw_9
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 4: fw_7
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 5: fw_5
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 6: fw_3
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 7: fw_1
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 8:
CPU 9:
CPU 10: fw_10
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 11: fw_8
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 12: fw_6
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 13: fw_4
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 14: fw_2
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
CPU 15: fw_0
mpdaemon fwd pdpd lpd pepd dtpsd in.acapd dtlsd in.asessiond rtmd vpnd cprid cpd
Any ideas ?
Regards Thomas