[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] ng fp1 performance tuning
Hardware: Sunfire 280R with Gigaswift and Quad
interfaces.
Software: CheckPoint Firewall-1 NG FP1. StoneSoft FullCluster 3.0 Hotfix 2. Solaris 8.0 64bit. We have come across what we think is a memory allocation problem. When we
install rulebase policy on fw module we get:
<snip>
Installing Security Policy on all.all@
Mar 27 16:30:04 xxx fw: FW-1: Attempting to create an already existing table: vpn_enc_domain_valid (104) Failed to Load Security Policy: Not enough space Mar 27 16:30:04 xxx fw: FW-1: Warning: atomic loading failed during policy replacement (preparation stage) Failed to Load Security Policy: Kernel memory allocation failed Fetching Security Policy from localhost failed <snip>
This accurs when we have 16 interfaces (including virtual ones). It works
to install the policy when we remove 2 interfaces.
It's interesting that the fw says not enough space, we have increased the
hmem to 10mb (set fw:fwhmem=0x1000000 in /etc/system).
It seems hard to find any good tweaking documents regarding this issue with NG. Has onyone experienced this error or know how to solve it?
Best regards
Daniel Grahn N¶öjØë9ó~'¢¶°k)²ÆzËÖzf¢Ú!$ÒeËlºÇ!yÉ)¢)ír¢Ø^àØûayéVvÇ
fj)b b²Ùè¥N§²æìr¸yúèØb²f¢)à+-¦W±ëzØ^{-®ç-ìjØm¶ÿÃ
ç$¦§µÊ&þǾ'³ùX§fò¢èZ½æ§Ê²ØÊ'-¡ÈZ²¢êì®*mè¦ØÇj)_ÃZ0êí±È^rJh{\¢
|