How to Print Static-Routes netstat -nr | grep -v D
netstat -rn |grep eth1 | awk -F' ' ' {print $1, $2, $3}' | sort >routes.txt
netstat -rn |grep eth1 | awk -F' ' ' {print $1, $2, $3}' | sort | wc -l
cpstat -f licensing os
ip -s route show cache
cpstat -f policy fw
cpstat -f IKE vpn
ip neighbor
netstat -rvm
fw ctl multk stat
arp -an
Blade Precedents -
SSL Inspection
URL Filtering
Application Control
IPS Geo Protect
Content Awareness
Anti Bot
Anti Virus
SSL Light - DNS name
SNI
Certificate
cpconfig
10
1
Acceleration
fwaccel stats -s
Affinity
fw ctl affinity -l -r -v -a
sim affinity -s
Kernel
multi-kernel statistics (multik)
fw ctl multik stat
fw ctl multik get_mode
fw ctl multik dynamic_dispatching get_mode
CoreXL
Monitoring CoreXL load distribution
fw ctl affinity -l -a -v
fw ctl affinity -l -r
cat /opt/CPsuite-R80.20/fw1/boot/modules/fwkern.conf
R80.20 secureXL and firewall act separelty
To check if the SND is slowing down the traffic:
Identify the processing core to which the interfaces are directing traffic using fw ctl affinity -l -r.
Under heavy traffic conditions, run the top command on the CoreXL gateway and check the values for the different cores under the 'idle' column.
Troubleshooting problem
investigation
RCA - Root cause Analysis
NETWORK /Subnet Mask
/16 /24 .0 -- 1 Subnets -- 244 hosts
/17 /25 .128 -- 2 Subnets -- 126 Hosts/Subnet
/18 /26 .192 -- 4 Subnets -- 62 Hosts/Subnet
/19 /27 .224 -- 8 Subnets -- 30 Hosts/Subnet
/20 /28 .240 -- 16 Subnets -- 14 Hosts/Subnet
/21 /29 .248 -- 32 Subnets -- 6 Hosts/Subnet
/22 /30 .252 -- 64 Subnets -- 2 Hosts/Subnet
/23 /31 .254
/32 .255 /32 -- 1 hosts
192.168.1.0/28 -- 16 Subnets -- 14 Hosts/Subnet
.0 - network
.1 - Usable host
.14 - Usable host
.15 - Broadcast
/29 has 6 usable IP
192.168.1.0/29 -- 32 Subnets -- 6 Hosts/Subnet
.0 - network
.1 - Usable host
.6 - Usable host
.7 - Broadcast
/30 has 2 usable IP
eg 192.168.1.0/30 (255.255.255.252) /30 -- 64 Subnets -- 2 Hosts/Subnet
.0 - network
.1 - Usable host
.2 - Usable host
.3 - Broadcast
eg 192.168.1.4/30
.4 - network
.5 - Usable host
.6 - Usable host
.7 - Broadcast
Checks
[Expert@myfw01:0]#
1 pep show user all
2 pep show user all | wc -l
3 pdp show
4 pdp show connections
5 pdp connections
6 pdp connections pep
7 pep show
8 pep show user
9 pep show user query
10 pep show user query usr myid01
[Expert@myfwe-int01:0]# installed_jumbo_take
R77.30 Jumbo Hotfix Accumulator take_117 is installed, see sk106162.
[Expert@myfwe-int01:0]#
[Expert@myfwe-int01:0]# cpinfo -y all
