- Products
- Learn
- Local User Groups
- Partners
- More
This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
- Products
- Learn
- Local User Groups
- Upcoming Events
- Americas
- EMEA
- Czech Republic and Slovakia
- Denmark
- Netherlands
- Germany
- Sweden
- United Kingdom and Ireland
- France
- Spain
- Norway
- Ukraine
- Baltics and Finland
- Greece
- Portugal
- Austria
- Kazakhstan and CIS
- Switzerland
- Romania
- Turkey
- Belarus
- Belgium & Luxembourg
- Russia
- Poland
- Georgia
- DACH - Germany, Austria and Switzerland
- Iberia
- Africa
- Adriatics Region
- Eastern Africa
- Israel
- Nordics
- Middle East and Africa
- Balkans
- Italy
- Bulgaria
- Cyprus
- APAC
- Partners
- More
- ABOUT CHECKMATES & FAQ
- Sign In
- Leaderboard
- Events
Quantum Spark Management Unleashed!
Introducing Check Point Quantum Spark 2500:
Smarter Security, Faster Connectivity, and Simpler MSP Management!
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
SharePoint CVEs and More!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Who rated this post
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
USFW Thread Blocker Details?
So like most of my painfully specific questions this will probably need to be answered by R&D. Tagging @PhoneBoy
I'm doing my monthly updates to my Gateway Performance Optimization Course, and I'm curious about the role of the "Thread Blocker" and under what circumstances it might need to be disabled. As I understand so far it is some kind of watchdog to ensure that a USFW-based fwk worker instance does not monopolize its CPU while handling a long-running thread by basically blocking that hogging thread, and giving some other ones a fair chance at that CPU. This feature seems to be trying to avoid a kernel "soft lockup" type situation that could occur when the worker instances were still located in the kernel, and did not relinquish the CPU in a timely fashion. However some other things I've read are that it is purely "monitoring only" and does not actively do anything other than create logs. This SK does provide some insight but I'm specifically curious about what kinds of situations/workloads (elephant flows?) would not play well with this feature that is enabled by default:
Also @Thomas_Eichelbu posted some interesting speculation & questions about the Thread Blocker in a prior thread that don't appear to have been answered:
Thanks!
Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
©1994-2025 Check Point Software Technologies Ltd. All rights reserved.
Copyright
Privacy Policy
About Us
UserCenter