Default Configuration of CoreXL
|
|
Important - This default configuration applies only to Security Gateways that do not support Dynamic Balancing of CoreXL |
When you enable CoreXL, the default number of CoreXL Firewall instances is based on the total number of CPU cores.
The default affinity
The assignment of a specified CoreXL Firewall instance, VSX Virtual System, interface, user space process, or IRQ to one or more specified CPU cores. setting for all interfaces is automatic when SecureXL Check Point product on a Security Gateway that accelerates IPv4 and IPv6 traffic that passes through a Security Gateway. is enabled. See Allocation of Processing CPU Cores.
Traffic from all interfaces is directed to the CPU cores that run the CoreXL Secure Network Distributor (SND).
Default number of IPv4 CoreXL Firewall instances
|
Number of |
Default number of |
Default number of |
||
|---|---|---|---|---|
|
1 |
1 (CoreXL is disabled) |
1 (CoreXL is disabled) |
||
|
2 |
2 |
2 |
||
|
4 |
3 |
1 |
||
|
6-20 |
Number of CPU cores, minus 2 |
2 |
||
|
More than 20 |
Number of CPU cores, minus 4.
|
4 |
The numbers of CoreXL Firewall instances start from zero.
The numbers of CPU cores start from the highest CPU ID allowed by the current Check Point license on your Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources..
Refer to the ID and CPU columns in this example:
# fw ctl multik stat ID | Active | CPU | Connections | Peak ---------------------------------------------- 0 | Yes | 7 | 5 | 21 1 | Yes | 6 | 3 | 23 2 | Yes | 5 | 5 | 25 3 | Yes | 4 | 4 | 21 4 | Yes | 3 | 5 | 21 5 | Yes | 2 | 5 | 20 |
# fw6 ctl multik stat ID | Active | CPU | Connections | Peak ---------------------------------------------- 0 | Yes | 7 | 0 | 4 1 | Yes | 6 | 0 | 4 |
Maximal number of IPv4 CoreXL Firewall instances
|
Gaia kernel edition |
Check Point Appliance |
Open Server |
|---|---|---|
|
64-bit |
40 |
40 |
|
|
Notes:
|