Hi

the upgrade was performed from R80.10.

in a case the cluster is based on 15600 appliances and the other case the cluster is based on 5600 appliances.

TheTOP output, when I meet the issue, I saw 2 "watchdog" processes are 100%

Unfortunately I didn't get any log files.

The messages log file showed errors about GNAT isn't able to de-allocate resources. This issue was mitigated disabling the GNAT feature, but it didn't fix the issue

unfortunately I cannot provide the output because I downgraded the cluster to R80.30 because the business impact was very high

Wow that is strange that the watchdog is eating CPU like that, and at real-time priority no less which will constantly kick other processes (like fw_worker_X) off the CPU and cause astronomical amounts of context switching thus degrading performance.  The watchdog is a Gaia/Linux program (not Check Point product code) that ensures the system has not hung by running a series of sanity tests and writing to the /dev/watchdog file (called "kicking the watchdog") at least once a minute.  If it fails to perform this write in a timely fashion the system is assumed to be hung, the watchdog barks then bites which forcibly reboots the system from the hardware level.

What kind of hardware are you using?  Can't see why watchdog would need so much CPU unless there is some kind of hardware issue, you should get TAC involved on this pronto as the watchdog is most certainly NOT a process you want to have issues with, as it can affect the stability of the system or even the ability to gracefully recover from a hard hang.  If a system is hard hung and the watchdog does not bark then bite to reset it, the only recourse is physically pulling the power plug. 

Perhaps the watchdog is chasing its tail after someone spiked its water dish with Red Bull or something.  🙂

Thanks for this answer. 

It's an OpenServer ("IBM System x3650 M4: -[7915J6G]-").

TAC is already involved. I have send TAC this discussion 😉

I figured you must have been on open hardware; would be very surprised to see this kind of watchdog issue on a Check Point gateway appliance.

The original post was from ggiordano. He has been using appliances.

I am experiencing this same challenge with watchdog eating up 100% after upgrading my 23800 HA setup from 80.40 to 81.10.

The active member always have this intermittent SIC connections to the Management Server. Once we failover to the standby member as active, the same SIC issue begins to manifest.

we only push policies to the standby member independently then failover to the other member to push the policy package as well.

its painstaking.

@Fameen I suggest you start a new discussion about your issue. The version and symptoms are quite different from this post.