This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JasonMcAllister
Contributor
‎2020-09-03 01:30 AM
Jump to solution

R80.40 VSX VSLS (JHF Take 77) on Openservers has Multi-Queue and SMT enabled

Hi All,

I've just upgraded a 6 member VSX VSLS cluster from R80.10 to R80.40.

Before the upgrade there was no multi-queue or SMT configuration.
Whilst multi-queue was supported on R80.10 because of the ixgbe driver, I did not have it configured.
SMT was well known to not be supported on Openservers, so also not configured.

The hardware for each member is HP ProLiant DL380p Gen 8.

After upgrading to R80.40, to my surprise I suddenly found 32 CPU cores instead of 16 CPU cores, and that every interface had automatic multi-queues.

The documentation suggests that both SMT and multi-queue are items you have to 'decide' to enable.

So, given I've not chosen to enable these myself... Is R80.40 now supporting SMT and automatically enabling it?

Each VSX Gateway in the cluster only has a license for 16 Cores, so I don't know how that affects this also.

cpconfig has no options to disable hyper-threading.

 

Is anyone else seeing this as a default behaviour?

Is this behaviour to do with the new 'automatic resource allocation' features?

Many thanks,

JD

 

Labels
0 Kudos
3 Solutions

Accepted Solutions
PhoneBoy
Admin
Admin
‎2020-09-04 11:37 AM
Jump to solution

On Open Servers, virtual cores created by Hyperthreading need to be licensed if you want to use them.
Hyperthreading has to be disabled in the BIOS.

Multiqueue is now enabled by default from R80.40.

View solution in original post

Guy_Israeli
Employee
Employee
‎2020-09-07 03:49 AM
In response to PhoneBoy
Jump to solution

Currently (R80.40), license is counting only the physical cores, but in the future we will enforce based on the virtual cores.

 

Thanks, Guy

View solution in original post

Guy_Israeli
Employee
Employee
‎2020-09-16 10:11 PM
In response to JasonMcAllister
Jump to solution

Hi  @JasonMcAllister 

We are planning to return the license enforcement back to normal in R81.10.

It will be mentioned in the release notes.

 

Guy

View solution in original post

11 Replies
PhoneBoy
Admin
Admin
‎2020-09-04 11:37 AM
Jump to solution

On Open Servers, virtual cores created by Hyperthreading need to be licensed if you want to use them.
Hyperthreading has to be disabled in the BIOS.

Multiqueue is now enabled by default from R80.40.

JasonMcAllister
Contributor
‎2020-09-04 11:43 AM
In response to PhoneBoy
Jump to solution

Hi @PhoneBoy,

 

Thanks for the reply. TAC also managed to clarify although what your saying seems at odds with the message they gave me.

TAC have pointed me to:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

This seems to read to me that the license for cores is based on REAL cores and not SMT/Hyperthreaded logicals - Especially based on the last line of the SK.

I would appreciate your thoughts on this?

 

Best regards,

JD

JasonMcAllister
Contributor
‎2020-09-04 11:44 AM
In response to JasonMcAllister
Jump to solution

Just to add, I understand now that 3.10 Kernel honours the BIOS setting rather than having a setting to disable/enable SMT/HT in cpconfig. 😃

PhoneBoy
Admin
Admin
‎2020-09-04 01:53 PM
In response to JasonMcAllister
Jump to solution

The licensing issue was discussed a while back here: https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/Does-R80-40-support-HP-DL380-G10/...
Entirely possible this has changed since that discussion took place.
@Guy_Israeli can you clarify as it seems sk156793 contradicts what we've said in the past regarding licensing and Hyper-Therading on Open Servers?

0 Kudos
JasonMcAllister
Contributor
‎2020-09-04 01:55 PM
In response to PhoneBoy
Jump to solution

Thank for checking, despite my license being "CPSG-8-C-U CPSG-8-C-U", I have noticed coreXL seems to have put the 16 extra into use from the looks of it in fw ctl affinity -l and mq_mng --show.

shais
Employee
Employee
‎2020-09-06 12:31 AM
Jump to solution

Hi,

I would like to add my input and verify all is clear.

Since R80.30 3.10, we do not have any option to disable SMT via code, this is something we aim to change in later versions.

Since open servers did not support SMT up until R80.30 3.10 we added, we created a code in R80.40 jumbo to disable SMT when upgrading for non-R80.30 3.10 via the blink option.

Since VSX currently does not support blink, you received SMT enabled by default.
This is ok and supported now but in case you would like to disable it again and keep the same configuration you did before, you should disable SMT via the BIOS.
In later versions, we will add such support in CLI. 

Regarding Multi-Q, as was already answered below, supported by default 

PhoneBoy
Admin
Admin
‎2020-09-06 11:07 PM
In response to shais
Jump to solution

Can you confirm the licensing issue (i.e. will an 8 core Open Server license officially support 16 cores with SMT enabled)?

0 Kudos
Guy_Israeli
Employee
Employee
‎2020-09-07 03:49 AM
In response to PhoneBoy
Jump to solution

Currently (R80.40), license is counting only the physical cores, but in the future we will enforce based on the virtual cores.

 

Thanks, Guy

JasonMcAllister
Contributor
‎2020-09-14 02:06 AM
In response to Guy_Israeli
Jump to solution

@Guy_Israeli thank you for the reply.

Can you advise on when R&D would be looking to change this?

I do not wish to be stung by applying a JHF or a major update and not realise this is being changed.

0 Kudos
Guy_Israeli
Employee
Employee
‎2020-09-16 10:11 PM
In response to JasonMcAllister
Jump to solution

Hi  @JasonMcAllister 

We are planning to return the license enforcement back to normal in R81.10.

It will be mentioned in the release notes.

 

Guy

JasonMcAllister
Contributor
‎2020-09-17 02:11 AM
In response to Guy_Israeli
Jump to solution

@Guy_Israeli thank you for clarifying.

Knowing this allows me to better plan for future.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events