CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3, 9/7.
2. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
3. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > Clustering (Security Gateway HA and ClusterXL)
Reload this Page Packet loss on one of interfaces
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2008-03-12
Varyag Varyag is offline
Junior Member
  
Join Date: 2008-01-28
Posts: 7
Rep Power: 0
Varyag has an average reputation (10+)
Default Packet loss on one of interfaces
Check Point 60 with latest HFA, ClusterXL, 2 nodes + management, HA, all servers work under Solaris 9, bge NICs .

We have HP OpenView monitoring system, which every minute ping cluster interfaces. Monitoring system sometimes tell that on of interface unavailable on very short period(I assume that packets going to this interface losts). This is external interface(not Virtual) of active node. Other monitored interfaces available all time.
In SmartView Tracker I see that all packet from monitoring accepted by ruleset and no one of it blocked. In system log and in SmartView Tracker there no record informed that this interface up/down or media changed(10/100/1000).
When I ping from monitoring packet losts no more 5%.
At all time server load no more that 15%.
In SK with Expert access I don't find any article with something like this.

How can I debug this issue? Have anyone problem like this?
Reply With Quote
  #2 (permalink)  
Old 2008-03-12
melipla melipla is offline
Senior Member
  
Join Date: 2006-01-25
Posts: 836
Rep Power: 3
melipla has an average reputation (10+)
Default Re: Packet loss on one of interfaces
Quote:
Originally Posted by Varyag View Post
In system log and in SmartView Tracker there no record informed that this interface up/down or media changed(10/100/1000).
When I ping from monitoring packet losts no more 5%.
At all time server load no more that 15%.
The ClusterXL is extremely sensitive to interface changes so if any directly connected interface goes down even for a second then ClusterXL will log the state change in SmartView Tracker and it will cause a failover to the secondary member.

I think the fact that you're getting 5% packetloss is the area you need to investigate. If this is strictly on your LAN you should have zero packetloss. If you're crossing the internet to monitor remotely then packetloss is to be expected and your system should be designed to accommodate false positives.

To investigate packetloss, you need to examine every port inbetween the monitoring server and the firewall, looking for duplex and speed mismatches and check for interface errors.
__________________
Its all in the documentation.
Reply With Quote
  #3 (permalink)  
Old 2008-03-13
Varyag Varyag is offline
Junior Member
  
Join Date: 2008-01-28
Posts: 7
Rep Power: 0
Varyag has an average reputation (10+)
Default Re: Packet loss on one of interfaces
Thank you for the reply.
I think that very strange when on the other cluster interfaces packet did not losts. I check the media duplex and all interfaces and switch ports, but no problems found.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 16:20.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0