SmartMonitor and Multi-CPU monitoring

You probably already know all this but it was a surprise to me. SmartMonitor is not accurate. Wow, I’m sure this was on CNN, but I missed that broadcast.

OK, so when SecureXL is enabled the official CP policy is don’t trust SmartMonitor.

But there is more.

Multi-CPU

SmartMonitor will report that CPUs are at 25%. Well WRONG. That is the average CPU for all processors.

You have to manually inspect the processors that are licensed and configured with coreXL with ‘top’. Notice that only the # of allocated processors that have kernel instances on them are actually doing the work while the other processors are idle.. So if you are doing SNMP monitoring, so sad to bad – SOL as we say in Minnesooooota – Snow Out Of Luck.

Oh yeah, be careful applying licenses with coreXL and adding/subtracting processors. It will dynamically alter the number of CPUs permitted to run and you might have a member go into ‘ready’ state if the number of processors is not consitent across all cluster members.

 

FYI:

si: time the kernel spends handling software interrupts [ user space to kernel calls for passing
packets and receiving packets]
hi: time the kernel spends handling hardware interrupts
wa: time the processor is waiting for resources
sy: time the processor is handling mainline kernel code
id: idle
us: user space – httpd and vpnd, user /bin/bash shells

[I dummied these up to make it work so might be off a bit…]

CPU time

CPU time

 

And buried in SmartMonitor is the true fact that the kernel is underwater, but overall the 12 CPUs are slacking

Kernel CPU time

Kernel CPU time

 

Advertisements
Post a comment or leave a trackback: Trackback URL.

Comments

  • Henrik Noerr  On December 11, 2012 at 4:19 pm

    Hi,

    You can monitor SI with snmp – 1.3.6.1.4.1.2620.1.6.7.5.1.5
    this is very helpful to determine if the firewall is loaded. (high SI is typically because of high packet rate. bonding and irq swizzeling will help)

    with top, remember that by default it will summerize the load. press 1 to show all cores and shift w to save the top config

    /Henrik

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

blog.lachmann.org

Michael Endrizzi's - St. Paul MN - CheckPoint blog on topics related to Check Point products and security in general.

%d bloggers like this: