- Products
- Learn
- Local User Groups
- Partners
-
More
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
IDC Spotlight -
Uplevel The SOC
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Hello,
I noticed appearing a lot of errors on network interfaces type of DISCARDS_IN and 100% CPU usage.
How i can locate which type of traffic is source of this high CPU utilization? Can is somehow balance CPU usage like devide it between other CPU's ?
[Expert@hocdmzfw01:0]# fw ctl affinity -l -a -v
Interface Mgmt (irq 76): CPU 0
Interface eth1-06 (irq 59): CPU 1
Interface eth1-03 (irq 139): CPU 0
Interface eth2-01 (irq 171): CPU 0
Interface eth2-02 (irq 187): CPU 1
Interface eth2-03 (irq 203): CPU 1
Interface eth2-04 (irq 219): CPU 0
Interface eth3-01 (irq 235): CPU 1
Interface eth3-02 (irq 60): CPU 1
Kernel fw_0: CPU 11
Kernel fw_1: CPU 10
Kernel fw_2: CPU 9
Kernel fw_3: CPU 8
Kernel fw_4: CPU 7
Kernel fw_5: CPU 6
Kernel fw_6: CPU 5
Kernel fw_7: CPU 4
Kernel fw_8: CPU 3
Kernel fw_9: CPU 2
Daemon fwd: CPU all
Daemon in.aclientd: CPU all
Daemon mpdaemon: CPU all
Daemon cpd: CPU all
Daemon cprid: CPU all
Best Wishes!
G_W_Albrecht
I would involve TAC to find that out quickly !
Timothy_Hall
I assume by discards you mean RX-DRP in the output of netstat -ni.
If you run top and hit "1" do you see that CPUs 0 and 1 (SND cores) are saturated while cores 2-11 (Firewall Workers) are relatively idle? If so you need to try modifying your split from 2/10 to 4/8 which should make a big difference.
Better yet, please post the results of the "Super Seven" commands https://community.checkpoint.com/t5/General-Topics/Super-Seven-Performance-Assessment-Commands-s7pac...
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY