This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Petrus_Rossouw
Participant
‎2018-10-02 01:20 AM
Jump to solution

Kernel Tables Calculation

Is there a calculation tool available for the kernel table sizes. I might have to increase the size of the hold_table on one of my firewall clusters and would like to calculate the optimal size for the available memory and current usage thereof.

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
‎2018-10-02 05:14 AM
Jump to solution

I would strongly suggest to involve TAC instead of blundering Smiley Sad...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

4 Replies
G_W_Albrecht
Legend Legend
Legend
‎2018-10-02 05:13 AM
Jump to solution

While adjusting the hold timer is possible, it is strongly not recommended - see the sk44711 Kernel debug shows that TCP traffic is "dropped by fwhold_expires Reason: held chain expired" for detailed explanations. The hold table change ic covered in sk107324 Some traffic does not pass through Security Gateway and kernel debug shows "...dropped by fw_filter_chain Reason: chain hold".

There is no calculation for the optimal size - you have to raise it slowly until the drops disappear. Memory consumtion will grow of course...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2018-10-02 05:14 AM
Jump to solution

I would strongly suggest to involve TAC instead of blundering Smiley Sad...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
_Val_
Admin
Admin
‎2018-10-02 07:10 AM
In response to G_W_Albrecht
Jump to solution

second that

0 Kudos
Petrus_Rossouw
Participant
‎2018-10-03 04:20 AM
Jump to solution

Thank you for the feedback. I was never going to blunder through this and would certainly first check with Tac. I was however hoping to do a calculation of how much memory would increase by if I up the table by 25 or 50. The box have a fairly large memory reserve.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events