CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 3 of 3

Thread: Packet loss on one of interfaces

  1. #1
    Join Date
    2008-01-28
    Posts
    8
    Rep Power
    0

    Default Packet loss on one of interfaces

    Check Point 60 with latest HFA, ClusterXL, 2 nodes + management, HA, all servers work under Solaris 9, bge NICs .

    We have HP OpenView monitoring system, which every minute ping cluster interfaces. Monitoring system sometimes tell that on of interface unavailable on very short period(I assume that packets going to this interface losts). This is external interface(not Virtual) of active node. Other monitored interfaces available all time.
    In SmartView Tracker I see that all packet from monitoring accepted by ruleset and no one of it blocked. In system log and in SmartView Tracker there no record informed that this interface up/down or media changed(10/100/1000).
    When I ping from monitoring packet losts no more 5%.
    At all time server load no more that 15%.
    In SK with Expert access I don't find any article with something like this.

    How can I debug this issue? Have anyone problem like this?

  2. #2
    Join Date
    2006-01-25
    Location
    Americas
    Posts
    1,535
    Rep Power
    15

    Default Re: Packet loss on one of interfaces

    Quote Originally Posted by Varyag View Post
    In system log and in SmartView Tracker there no record informed that this interface up/down or media changed(10/100/1000).
    When I ping from monitoring packet losts no more 5%.
    At all time server load no more that 15%.
    The ClusterXL is extremely sensitive to interface changes so if any directly connected interface goes down even for a second then ClusterXL will log the state change in SmartView Tracker and it will cause a failover to the secondary member.

    I think the fact that you're getting 5% packetloss is the area you need to investigate. If this is strictly on your LAN you should have zero packetloss. If you're crossing the internet to monitor remotely then packetloss is to be expected and your system should be designed to accommodate false positives.

    To investigate packetloss, you need to examine every port inbetween the monitoring server and the firewall, looking for duplex and speed mismatches and check for interface errors.
    Its all in the documentation.

  3. #3
    Join Date
    2008-01-28
    Posts
    8
    Rep Power
    0

    Default Re: Packet loss on one of interfaces

    Thank you for the reply.
    I think that very strange when on the other cluster interfaces packet did not losts. I check the media duplex and all interfaces and switch ports, but no problems found.

Similar Threads

  1. UTM-1 Edge packet loss when cent. mgt.
    By dhoobler76 in forum Check Point UTM-1 Edge Appliances
    Replies: 1
    Last Post: 2009-08-25, 23:42
  2. Dropped packet between two external interfaces
    By brierw in forum NAT (Network Address Translation)
    Replies: 2
    Last Post: 2009-06-25, 15:39
  3. strange packet loss when connecting through HSRP
    By eduardw in forum VPN-1 VSX
    Replies: 1
    Last Post: 2008-10-30, 11:47
  4. Replies: 4
    Last Post: 2008-04-18, 04:41
  5. Crazy Securemote Packet Loss problem
    By safetyboy in forum SecureClient/SecuRemote
    Replies: 1
    Last Post: 2006-11-10, 11:42

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •