[FW-1] Strange Sync error message using Nokia VRRP and FP3 HFA313

Subject:	[FW-1] Strange Sync error message using Nokia VRRP and FP3 HFA313
From:	Samuel Wuethrich <samuel.wuethrich AT ISPIN DOT CH>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 27 Jun 2003 18:08:27 +0200

Hi

Using NG FP3 HFA313 on 2 Nokias IP330 IPSO 3.6 FCS4 as VRRP Cluster Sync
Interfaces eth-s4 5.25.25.4/30 connected over a seperate VLAN, not
cross-cable


I'm getting these messages on the master firewall:

Jun 27 16:29:40 fw1 [LOG_CRIT] kernel: FW-1:
fwldbcast_update_block_new_conns: sync in risk: did not receive ack for
the last 1172 packets. Jun 27 16:29:40 fw2 [LOG_CRIT] kernel: FW-1: It
is recommended to set the global parameter fw_sync_block_new_conns to 0.

Sync seems OK:

fw1[admin]# cphaprob state
Working mode:   Service
Number     Unique Address  State
1 (local)  5.25.25.5       active
2          5.25.25.6       active

What does this error mean and where do I find this
fw_sync_block_new_conns parameter?

Thanks for your help


mit Begeisterung, with enthusiasm

Samuel Wuethrich
Manager Technology

ISPIN AG
Grindelstrasse 15
CH-8303 Bassersdorf

Tel. +41 1 838 31 11
Fax. +41 1 838 31 12
Web. www.ispin.ch
samuel.wuethrich AT ispin DOT ch


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Strange Sync error message using Nokia VRRP and FP3 HFA313, Samuel Wuethrich Re: [FW-1] Strange Sync error message using Nokia VRRP and FP3 HFA313, Reinhard Stich [FW-1] Strange Sync error message using Nokia VRRP and FP3 HFA313, Samuel Wuethrich <=

Previous by Date:	Re: [FW-1] SPALT and ARP Entires, John Madden
Next by Date:	[FW-1] Connections fail to open under load due to port reuse, Andreas Ballack
Previous by Thread:	Re: [FW-1] Strange Sync error message using Nokia VRRP and FP3 HFA313, Reinhard Stich
Next by Thread:	[FW-1] Connections fail to open under load due to port reuse, Andreas Ballack
Indexes:	[Date] [Thread] [Top] [All Lists]