 | ||
 SPLAT excessive memory usage? | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2005-12-28 | |||
| |||
 SPLAT excessive memory usage? Hello all - I wasnt sure where to post this question since I couldnt find the appropriate forum but - Has anyone noticed a tendency of SPLAT to use excessive amounts of memory under any specific circumstances? Such as a long, over complicated and heavily used rulebase or something? Heres the situation: The box is an Intel based 1U rackmount system running SPLAT, with a very diverse and (and perhaps) over complicated rule base. This is a production firewall serving many, many purposes and clients. It is pretty stable and doesnt seem to have any functionality issues - it has been up for quite some time now. The box has 1GB of memory, which is 99% used constantly, and I do mean ALL the time. Yet load averages show 0.00, CPUs are 99% idle, and TOP doesnt show any particular process using the memory. Any thoughts? Thanks in advance for the input.  |
| 2005-12-28 | |||
| |||
| Re: SPLAT excessive memory usage? Memory usage on a linux/unix/bsd only becomes a problem if the system begins to use swap. *nix's use unused physical RAM as a Read/Write cache for the filesystems. Use the 'free' command. 'swapinfo' on Nokia. High memory utilization on a *nix system is common. Begin to worry when the usage pours over to the swap files/partitions. |
| 2005-12-29 | |||
| |||
| Re: SPLAT excessive memory usage? As alianbaby said, if you're not swaping/paging and load adverage is down, don't worry about it. From a product standpoint, you might want to look at VSX & P1. VSX provides virtual firewalls and is good in the isp-like space and for data centers. It can be a big help in simplifing your rulebase. -jlh |
| 2006-01-10 | |||
| |||
| Re: SPLAT excessive memory usage? This answer might be a little late, but it still might be usefull to some one: I also noticed a excessive memory usage specially when the VSX has been logging locally for a while. The solution is to switch the logs on the VSX/VS. (it it not the same than to switch on the CMA/MDS.) You can check the size of your file by loging on the vsx and doing: [Expert@vsxxxx]# cd /var/opt/CPfw1-V25/CTX/ [Expert@vsxxxx]# du -sk */log | sort -n ... 3708 CTX00074/log 3724 CTX00072/log 3760 CTX00096/log ... Then you can list the local logs: [Expert@vsxxxx]# vrfctl -s 96 [Expert@vsxxxx]# fw -vs 96 lslogs Size Log file name 2152KB 2005-11-04_142611.log 1529KB fw.log Finally you can switch the logs, using the command line or the Smartview tracker for the corresponding cma/VS. (Tools/Remote Files Management) |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
