- Products
- Learn
- Local User Groups
- Partners
- More
Stop Babysitting Rules.
Go Agentic
Step Into the Future of
AI-Powered Cyber Security
The State of Ransomware Q1 2026
Key Trends and Their Impact
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
1) You have 96% accelerated packets (Accelerated pkts/Total pkts). Accelerated conns/Total conns 3% is the accept template hit rate, which is fine. Slowpath is 3%, which is also fine.
2) Hopefully, the components of bond0 are eth1-01 and eth1-03, and the components of bond1 are eth1-02 and eth1-04. If that is not the case, you have a gigantic imbalance on both TX and RX sides, even though active-active is set, and you'll need to set L3+4 Transmit Hash Policy on both sides of every bond. See my Be your own TAC Part Deux presentation. RX-DRP rate is right on the borderline of 0.1%, and fixing your bonds should help.
3) Due to the high percentage of fastpath traffic, your two SND cores (0/1) can get overwhelmed if Dynamic Split is not enabled, is it? show dynamic-balancing state from clish or dynamic_balancing -p from expert mode.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
