This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Arturxr
Contributor
‎2026-01-22 05:30 AM
Jump to solution

VIP ping delay and active addresses of the MGMT interface

Hello, we've discovered that we have high ping latency to the VIP address and the active node address on our Check Point cluster on the MGMT IP. This seems to be causing communication issues between the Identity Collector and Check Point, as timeout errors periodically occur, and some events may not reach Check Point. Furthermore, the pdp monitor user command output returns the message "daemon did not respond or not running!", while the pdp monitor ip command displays a result.
I also can't run the cpinfo -y all command (the output freezes), and the gateway periodically appears red in the Smart Console.

Could you tell me what could be causing the ping latency to the VIP address and the active addresses of the MGMT interface?

0 Kudos
38 Replies
Timothy_Hall
MVP Gold
MVP Gold
‎2026-01-26 04:36 AM
In response to Arturxr
Jump to solution

Code level?  This option for fwaccel templates was introduced in R81.20.

New Book: "Max Power 2026" Coming Soon
Check Point Firewall Performance Optimization
0 Kudos
Vincent_Bacher
MVP Silver
MVP Silver
‎2026-01-23 06:17 AM
In response to Timothy_Hall
Jump to solution

Yes, memory issue was my second thought.
In the introductory article he states that he uses IDC.
What do you think of my idea of creating an upstream instance from redundant PDP devices, connecting the IDC to these devices, and then sharing the sessions with the pep / enforcing firewalls (vs), preferably using push instead of SmartPull?
IDC --> PDP --> PEP

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-23 06:23 AM
In response to Vincent_Bacher
Jump to solution

Im totally with you on that one, Vince. Certainly appears to be memory related.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
Vincent_Bacher
MVP Silver
MVP Silver
‎2026-01-23 06:28 AM
In response to the_rock
Jump to solution

It was my thought too, but the first person to mention memory here was our performance god Timothy. 😉

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
(1)
the_rock
MVP Diamond
MVP Diamond
‎2026-01-24 06:31 PM
In response to Vincent_Bacher
Jump to solution

Performance god...I like that 🙂

Best,
Andy
"Have a great day and if its not, change it"
Arturxr
Contributor
‎2026-01-25 10:10 PM
In response to Vincent_Bacher
Jump to solution

can you tell me what kind of memory is meant? There is no high utilization in terms of memory and RAM

0 Kudos
Arturxr
Contributor
‎2026-01-25 11:22 PM
In response to Arturxr
Jump to solution

I also found this picture, can you tell me if we can reconfigure the cores, it seems there are quite a lot of snd cores and few fw cores

 

 

Preview file
40 KB
Preview file
653 KB
0 Kudos
Arturxr
Contributor
‎2026-01-26 05:28 AM
In response to Arturxr
Jump to solution

it seems that the problem has been resolved, we will monitor it, we have done core balancing, according to https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_PerformanceTuning_AdminGuide...

in short,: set dynamic-balancing state enable

reboot

the_rock
MVP Diamond
MVP Diamond
‎2026-01-26 05:29 AM
In response to Arturxr
Jump to solution

Excellent, thanks for letting us know!

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events