Allocating a CPU Core for Heavy Logging
If the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. generates very large number of logs, it may be advisable to allocate a processing CPU core to the fwd daemon, which generates the logs.
|
Note - This change decreases the number of CPU cores available for CoreXL |
|
Important Notes for Cluster:
|
To allocate a processing CPU core to the fwd daemon:
See Configuring Affinity Settings.
Step |
Instructions |
||||
---|---|---|---|---|---|
1 |
Connect to the command line on Security Gateway (each Cluster Member). |
||||
2 |
Log in to the Expert mode. |
||||
3 |
Run:
|
||||
4 |
Enter the number of the Check Point CoreXL option. |
||||
5 |
Decrease the number of CoreXL Firewall instances. |
||||
6 |
Exit from the |
||||
7 |
Examine which processing CPU cores run the CoreXL Firewall instances and which CPU cores handle the traffic from interfaces:
See fw ctl affinity. |
||||
8 |
Back up the
|
||||
9 |
Edit the
|
||||
10 |
Allocate one of the remaining CPU cores to the fwd daemon. To do so, configure the affinity
For example, to affine the fwd daemon to CPU core #2, add this line:
|
||||
11 |
Save the changes in the file and exit the editor. |
||||
12 |
Apply the new configuration:
|