Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[FW1] [NT] Near 100% CPU utilization

2 views
Skip to first unread message

fw-1-mailin...@lists.us.checkpoint.com

unread,
Aug 5, 1998, 3:00:00 AM8/5/98
to jwo...@imb.com.au, fw-1-mai...@lists.us.checkpoint.com

Hi,

We have had the same problem on our mgt running Ace server, when we
reboot it was using 100 % CPU.
Try to stop the FW service and start it again, it works for us anyway.

Jacob
System Admin
Olicom A/S

-----Original Message-----
From: Jason Woods [mailto:jwo...@imb.com.au]
Sent: Tuesday, August 04, 1998 8:46 AM
To: 'fw-1-mai...@lists.us.checkpoint.com'
Subject: [FW1] [NT] Near 100% CPU utilization

Strange problem this, I'm getting near to 100% CPU utilization on our
FW1, we are running NT 3064.

This doesnt relate to the amount of users passing through either, and
no user or client authentication is taking place, just plain NAT!
Its only been the past few weeks that this has shown up, doesnt relate
to the move to 3064, upgrade to 3072 didnt help either!

Anyone experienced something similar or could offer a suggestion?

Many thanks in advance
Jason

========================================================================
========
To unsubscribe from this mailing list, please see the instructions
at
http://www.checkpoint.com/services/mailing.html
========================================================================
========


================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================

fw-1-mailin...@lists.us.checkpoint.com

unread,
Aug 5, 1998, 3:00:00 AM8/5/98
to fw-1-mai...@lists.us.checkpoint.com

Strange problem this, I'm getting near to 100% CPU utilization on our
FW1, we are running NT 3064.

This doesnt relate to the amount of users passing through either, and
no user or client authentication is taking place, just plain NAT!
Its only been the past few weeks that this has shown up, doesnt relate
to the move to 3064, upgrade to 3072 didnt help either!

Anyone experienced something similar or could offer a suggestion?

Many thanks in advance
Jason

================================================================================

fw-1-mailin...@lists.us.checkpoint.com

unread,
Aug 5, 1998, 3:00:00 AM8/5/98
to fw-1-mai...@lists.us.checkpoint.com

FIXED!!!! The guys here in Comtech Australia (Robert in particular) took 2
seconds to fix it!!

Firewall 1 was trying to resolve itself each time it talks to the external
NIC, meaning that due to the config of our firewall where its pointed to an
external DNS (keeping our Internal DNS away from public eyes) it was taking
waaaay too long to resolve.

He got me to add an entry into the HOSTS. file stating the Netbios name of
the firewall and the External NIC address! Instantly fixed the problem!
I'd actually recommend doing this anyway now as firewall now resolves its
name internally!

Ps. HINT: to refresh the HOSTS. file after changing it (In NT - or 95 or
3.11 etc) type 'nbtstat -R' make sure its a CAPITAL R and your net bios
tables will be refreshed instantly!

Many thanks for your input!
Jason

Jacob Hansen wrote:

> Hi,
>
> We have had the same problem on our mgt running Ace server, when we
> reboot it was using 100 % CPU.
> Try to stop the FW service and start it again, it works for us anyway.
>
> Jacob
> System Admin
> Olicom A/S
>
> -----Original Message-----
> From: Jason Woods [mailto:jwo...@imb.com.au]
> Sent: Tuesday, August 04, 1998 8:46 AM
> To: 'fw-1-mai...@lists.us.checkpoint.com'
> Subject: [FW1] [NT] Near 100% CPU utilization
>

fw-1-mailin...@lists.us.checkpoint.com

unread,
Aug 8, 1998, 3:00:00 AM8/8/98
to jwo...@imb.com.au

I've seen this behaviour many times on NT-based FW-1 systems.

The symptoms that I'm familiar with are:

- CPU load at 100%.
- NT task manager shows one of the FW.EXE processes using all
free CPU (to get task manager, CTRL-ALT-DEL, select "Task Manager" and
click "Processes" tab).

I find that "bouncing" the FW-1 daemon with FWSTOP followed immediately
by FWSTART invariably cures the problem, although it may come back again.

I've seen this problem on several different 3.0 revisions including
3.0b-nonpatched,
3.0b-3045 and 3.0b-3064. I believe that I've also seen it on 3.0a. I've
never
discovered what actually causes this problem in the first place. Discussions
I've had with other FW-1 installers indicate that it is not uncommon.

Roy Hills

At 16:45 04/08/98 +1000, Jason Woods wrote:
>
>Strange problem this, I'm getting near to 100% CPU utilization on our
>FW1, we are running NT 3064.
>
>This doesnt relate to the amount of users passing through either, and
>no user or client authentication is taking place, just plain NAT!
>Its only been the past few weeks that this has shown up, doesnt relate
>to the move to 3064, upgrade to 3072 didnt help either!
>
>Anyone experienced something similar or could offer a suggestion?
>
>Many thanks in advance
>Jason

--
Roy Hills Tel: 01634 721855
NTA Monitor Ltd FAX: 01634 721844
6 Beaufort Court, Medway City Estate, Email: Roy....@nta-monitor.com
Rochester, Kent ME2 4FB, UK WWW: http://www.nta-monitor.com/

fw-1-mailin...@lists.us.checkpoint.com

unread,
Aug 8, 1998, 3:00:00 AM8/8/98
to jwo...@imb.com.au, Roy Hills

Is your log viewer also slooooow?

I find that you remove alot of pain from
1) installing FW-1
2) waiting for log viewer to display or scroll
by putting the usual stuff in to the etc/hosts
file ie host name with 127.0 and real IP numbers
well.
On an NT box (it is these people that suffer this
the most as they aren't in the habit) it usually
lives in the
?:\winnt\system32\drivers\etc\hosts or something
like that.

Look for a file called hosts.sam edit it and save it
as just hosts with any luck things will speed up for
you. The problem is generally caused by NT doing
dns lookups on its host name and timing out as
most people who have NT don't run things like
their own DNS server.

Hope this helps
regards
Norman

fw-1-mailin...@lists.us.checkpoint.com

unread,
Aug 9, 1998, 3:00:00 AM8/9/98
to Norman Hoy, jwo...@imb.com.au, Roy Hills

At 17:45 8/8/98 +0930, Norman Hoy wrote:
>
>Is your log viewer also slooooow?
>
>I find that you remove alot of pain from
>1) installing FW-1
>2) waiting for log viewer to display or scroll
>by putting the usual stuff in to the etc/hosts
>file ie host name with 127.0 and real IP numbers

Instead of maintaining a hosts file all you need to do is to tell the log
viewer not to resolve host names, the log will show IP addresses and if you
need to look them up use NSLOOKUP. I'm at home now so I can't tell you
exactly where the setting is.

Ken

fw-1-mailin...@lists.us.checkpoint.com

unread,
Aug 9, 1998, 3:00:00 AM8/9/98
to Norman Hoy, jwo...@imb.com.au, Roy Hills

I agree with you, and it is a very good point to add the hosts file.
Most of the NT 100% CPU utilization is caused by the network connection
problem.

Jason Xu

-----Original Message-----
From: Norman Hoy [mailto:no...@aone.com.au]
Sent: Saturday, August 08, 1998 1:16 AM
To: jwo...@imb.com.au; Roy Hills
Cc: fw-1-mai...@lists.us.checkpoint.com
Subject: Re: [FW1] [NT] Near 100% CPU utilization

Is your log viewer also slooooow?

I find that you remove alot of pain from
1) installing FW-1
2) waiting for log viewer to display or scroll
by putting the usual stuff in to the etc/hosts
file ie host name with 127.0 and real IP numbers

> To unsubscribe from this mailing list, please see the instructions
at
> http://www.checkpoint.com/services/mailing.html
>=======================================================================
===
======
>

========================================================================

0 new messages