[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW-1] ng fp1 performance tuning
- To: [email protected]
- Subject: [FW-1] ng fp1 performance tuning
- From: Daniel Grahn <[email protected]>
- Date: Thu, 28 Mar 2002 18:00:19 +0100
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcHWegp5FiwFf4uYTUC5wl+DEx0E8Q==
- Thread-topic: ng fp1 performance tuning
Hardware: Sunfire 280R with Gigaswift and Quad
interfaces.
Software: CheckPoint Firewall-1 NG FP1. StoneSoft FullCluster 3.0
Hotfix 2. Solaris 8.0 64bit.
We have come across what we think is a memory allocation problem. When we
install rulebase policy on fw module we get:
<snip>
Installing Security Policy on all.all@
Mar 27 16:30:04 xxx fw:
FW-1: Attempting to create an already existing table: vpn_enc_domain_valid
(104)
Failed to Load Security Policy: Not enough space
Mar 27 16:30:04 xxx
fw: FW-1: Warning: atomic loading failed during policy replacement (preparation
stage)
Failed to Load Security Policy: Kernel memory allocation
failed
Fetching Security Policy from localhost failed
<snip>
This accurs when we have 16 interfaces (including virtual ones). It works
to install the policy when we remove 2 interfaces.
It's interesting that the fw says not enough space, we have increased the
hmem to 10mb (set fw:fwhmem=0x1000000 in /etc/system).
It seems hard to find
any good tweaking documents regarding this issue with NG.
Has onyone experienced this error or know how to solve it?
Best regards
Daniel Grahn
N‹�¶öœjØœë9óŸ~'�¢¶°k)ž²ÆzË�Özf¢–Ú�!$Ò��eŠËlºÇ!yÉ)¢)ír‰¢žØ^�àØûayéVvÇ
fj)bž b²Ùè¥N‹§²æìr¸›yúèšØb²f¢–)à–+-¦Wš±ë�zØ^Š{-®ç-Š‰ìjØm¶ŸÿÃ��…ç$¦ˆ§µÊ&þǾ'�³ùšŠX§‚�f”‡ò¢èZ½æ§Êž²ØžÊ'†Œ-¡ÈZž�²¢êì�®*mŠ‰è¦ØžÇj)_ÃZ0êí±È^rJhŠ{\¢
