Monthly Archives: March 2014

Check Your gtar versions

March 21, 2014 – 12:57 am

Here is an interesting one that doesn’t show up anywhere

Our SOME (not all) R75.47 HAs were failing (and I’m having suspicions about our backups).

  • $CPDIR/util/gtar –version    = 1.12
  • /bin/tar –version               = 1.15.1

Sure enough some sort of version incompatibility.

  • cp /bin/tar $CPDIR/util/gtar

Fixed it.

Taylor found it! Thanks.

dreez

By Dreezman | Posted in bugs, Check Point | Comments (0)

Manually restoring SIC files

March 17, 2014 – 10:44 am

Every now and then SIC just tends to disappear so we manually reset. Got this from a colleague (who taught me all I don’t know which is a ton) when they lost SIC on several firewalls  because their restores didn’t work when they tried to upgrade to R77.10 and had massive failures and had to revert. THEY:

– Replaced registry file $CPDIR/registry/HKLM_registry.data
– Also  $CPDIR/conf/sic_cert.p12
– Had to go through several backups to find ‘good’ SIC keys. VERY disconcerting. 

My demo box. $CPDIR/registry/HKLM_registry.data

sic

Be careful out there those of you living on the sharp upgrade end.

dreez

By Dreezman | Posted in bugs, Check Point, Tips and Tricks, VSX | Comments (0)

Great update on performance tuning SK

March 12, 2014 – 8:14 am

Finally someone did a great job updating this SK on performance tuning. As I read it I will post my comments here.

If this still is jibberish, you should take my class we go into extreme detail on all of this.

I spoke with the people Stella and Sergi updating the SK’s and they seem really dedicated and so for are doing a great job updating them. Thank YOU!!

SK Heaven,

dreez

 

 

 

 

By Dreezman | Posted in Uncategorized | Comments (0)

Snapshot space, GAIA disk space allocation and upgrades

March 1, 2014 – 10:08 pm

Ya know when you are installing GAIA and it tries to reserve 2000TB for snapshot images? At the time you are thinking “GEEZ Guido, how much space does a single image take???”. So you are not sure how to allocate all the memory.

My suggestions:

  1. Snapshots: You really are only going to keep 2 snaphots. 1 after you install/upgrade and then 1 before you upgrade (so you can go backward when it blows up).  So depending if you are dealing big MDS ours has 10GB snapshots. So if you allocation 50GB for snapshots you will be good for at least 2-5 snapshots. If the box has logs on it…then I’m not sure what to tell you but it will be big.snapshot allocation
  2. Root: This is a funny one. Depends on open server vs appliance. Open appliance they dump all the backups and customer directory into the Root partition even thought the /var/log is suppose to have the biggest partition. So on MDS open appliance assuming you moved everything over to /var/log and have all the patches you can make this about 20GB. But warning, if you didn’t move over to /var/log, then ‘backup’ command will load into this partition. Without backups, you are looking at about 5GB of code to install here. But once again you are warned about moving customer data, and backups into /var/log.
  3. /var/log: For an MLM, of course this is your biggest partition. NOTE: if you have bigger than 2TB disks you are going to have to use lvm to link them together. Read my blog about that (its a kernel block size limit).

Allocate ON!

dreez

By Dreezman | Posted in Check Point, MDM, Tips and Tricks | Comments (0)
Helen's Loom

"The most difficult thing is the decision to act, the rest is merely tenacity." -Amelia Earhart

Life Stories from Dreez

These are stories from my travels. Generally I like to write stories about local people that I meet and also brag about living the retirement dream with my #1 wife Gaby. She is also my only wife.