I had this same question and posed it to Nokia. I'm running an IP530
with 256 RAM on NGAI R55 HFA_03 at the time. Here is the info that
nokia sent me.
Dear Rick Quick,
Unfortunately there isn't a guide or chart that will show how much RAM
will be used based on the number of users or connections because this
will vary quite alot depending on a number of factors. The best way to
monitor the RAM usage would be to keep an eye on the % used. If it
starts going over 95% that could indicate a problem or lack or RAM.
Also keep an eye on the swap space used. Swap space will only be used
if the physical memory is being over used or it can't release enough of
it to support what needs it at that time. It will be normal to see it
being used but if it starts using alot of swap space then that could
also indicate a problem or lack of memory. The command to view the swap
space is either swapinfo or pstat -ks.
You can view and update your case by logging onto the Nokia Support Web
at https://support.nokia.com or by replying to this email. Please do not
edit the subject or reply-to fields of your email response.
Thank you,
Craig
Nokia Technical Support
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of
Warrington Bruce - bwarri
Sent: Friday, August 26, 2005 7:24 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Question on memory usage for Nokia firewalls
Most of the RAM is shown as used even if it's just used for caching,
which kind of makes the statistics you get back from those checks not as
useful as you'd like.
Still, 256 MB is the absolute minimum, and at this point (if you're
running the latest versions of IPSO / Checkpoint) I normally consider
512 MB to be the smallest I'd normally buy for a modest company
installation (More than a SOHO type install). As you add more memory,
you may also have to modify some parms for your CP install to make use
of it, as some tables are limited by software and will top out even
though you have the extra available memory (and usually complain in the
logs, etc).
About all I've seen from Nokia is tables like this from the release
notes for IPSO (sorry if the formatting stinks in text mode):
Check Point Maximum Maximum
DRAM maximum conn conn w/ Web Intel Hash table size Mem pool
sz mem pool size
-------------------------------------------------------
256 MB 36,000 0 2 MB 48 MB 64 MB
512 MB 135,000 50,000 4 MB 196 MB 256 MB
1 GB 360,000 140,00 8 MB 400 MB 512 MB
2 GB 725,000 325,000 16 MB 800 MB 900 MB
Bruce
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Fire
Wall
Sent: Friday, August 26, 2005 15:28
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Question on memory usage for Nokia firewalls
Greetings:
I've noticed that all of my Nokia firewalls are running at about 90-95%
for memory usage. The load is very low on these firewalls, and some of
them are hardly even active. Yet all of them report very small amounts
of free memory.
Here's an example:
Memory Utilization (KBs)
Total Real Memory 262144
Active Real Memory 251264
Free Memory 10880
This tells me that out of 262,144 Bytes (256 Megs of RAM), I only have
10.6 Megs of free memory. Now this is on the inactive node of a VRRP
cluster, so it's not passing any traffic. The Load is very low at 0.26.
Is this normal behavior is am I having some sort of memory issue here?
TIA
TJ
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================
************************************************************************
**
The information contained in this communication is confidential, is
intended only for the use of the recipient named above, and may be
legally
privileged.
If the reader of this message is not the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.
If you have received this communication in error, please resend this
communication to the sender and delete the original message or any copy
of it from your computer system.
Thank You.
************************************************************************
**
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
