NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] FireWall-1, 40000 connections, and a hammered processor ...

Hey Frank,
	It's a pretty plain install really.  We're already looking at a
solution involving Alteon switches to split up the load between two servers,
but we haven't even received eval units yet to be able to check them out and
see if they do what we want them too.

FireWall-1 4.0
No NAT or VPN
Connection limit size changed as well as the hashtable size per FAQ

Thanks,
Abe

Abe L. Getchell - Security Engineer
Division of System Support Services
Kentucky Department of Education
VoiceE-mail  [email protected]
Web     http://www.kde.state.ky.us/



> -----Original Message-----
> From: Frank Darden [mailto:[email protected]]
> Sent: Friday, December 01, 2000 2:24 PM
> To: '[email protected]'; 
> [email protected]
> Subject: RE: [FW1] FireWall-1, 40000 connections, and a hammered
> processor ...
> 
> 
> You bet I have. However, I will need a bit more info on your
> configuration.What
> FW version, Are you using NAT? Where? When you say that you 
> increased the
> connection table, did you also increase the hash size as 
> well? What exactly
> did you change? If you could provide the info above, I may be 
> able to help.
> 40k connections through a single firewall is quite a lot. Not 
> that its not
> possible, but you might want to start making some plans to 
> split up or load
> balance your traffic.
> 
> Frank
> 
> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> Sent: Friday, December 01, 2000 12:18 PM
> To: [email protected]
> Subject: [FW1] FireWall-1, 40000 connections, and a hammered
> processor...
> 
> 
> 
> Hey all,
> 	We are currently experiencing a problem where our 
> firewall reaches
> about 40,000 concurrent connections (we increased the limit), 
> starts slowing
> down dramatically, and fwd starts eating CPU cycles.  Has 
> anyone seen this
> before?
> 
> Thanks,
> Abe
> 
> Abe L. Getchell - Security Engineer
> Division of System Support Services
> Kentucky Department of Education
> Voice> E-mail  [email protected]
> Web     http://www.kde.state.ky.us/
> 
> 
> 
> ==============================================================
> ==============
> ====
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==============
> ====
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.