Hi,
I am currently seeing situations where a duplicate IP address (a client in my
lan duplicating VRRP
address) forces a pair of 380s (IPSO 3.7.1) to stop working. At this time both
Nokia suffer from a
high CPU load, they are not reachable with SSH, HTTPs, they respond to pings in
only 10 %. CP
Smart View Status show that on the side of FW-1 everything is fine. VRRP is
fine but they do not
route any traffic anymore.
When I log on to the console I see lots of messages:
[LOG_CRIT] kernel: plicate IP address 10.49.136.1! sent from mac address:
00:50:56:8a:1e:b3
[LOG_ERR] kernel: duplicate IP address 10.49.136.1! sent from mac address:
00:50:56:8a:1e:b3
In the messages file I also see
[LOG_CRIT] kernel: FW-1: Log buffer is full
[LOG_CRIT] kernel: FW-1: fw_asm_send_log: fwloghandle_send_log failed
As soon as the duplicate IP has gone everything is fine again - I can reach
them again, they work
as expected and cpu load is reasonable.
I searched Nokia KB for a way to prevent this and found Res 1693, but this does
not match my case.
Has anybody an idea how I can prevent the Nokia from this behaviour?
Steffen
___________________________________________________________
Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden:
http://mail.yahoo.de
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
