> From: Ray Zupancic [mailto:rzupancicat_private] Monday, January 17, 2000 6:50 PM > I inherited a network with a Checkpoint 4.0 FW-1 on an Ultra5 running > Solaris 2.6 with 128 megs of ram. Originally it was two > identical systems > clustered with Veritas Firstwatch > > In any case, this system mysteriously slows to a crawl and > stops processing traffic at random times of the day--usually > up to 10 minutes or so--and then resumes without intervention. > The only thing I can see is that the system usage goes to 100, > and the run queue skyrockets due to this (there is not process running > away, it seems to be kernel). Do you have any network objects of type "domain?" Because the firewall relies on DNS to resolve these objects, any funniness with DNS can cause random erratic performance. Best advice is to avoid them completely. If you can't (you probably could if you tried), make sure domain object rules are at the bottom of the rulebase. It's one idea.... -----michael cannella mailto:mcannellaat_private -----Internet Security Systems, eServices -----http://www.iss.net/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:58:18 PDT