Support Center > Search Results > SecureKnowledge Details
Resource Advisor (RAD) does not reuse connections (opens new connection for each request) Technical Level
Symptoms
  • Random issues with HTTP / HTTPS traffic through a Security Gateway with enabled URL Filtering blade and/or Application Control blade.

  • Traffic capture on the Security Gateway shows that the Resource Advisor (RAD) does not send more than 1 session per connection.

  • SmartView Tracker might show multiple alert logs "Internal System Error occurred" for HTTP / HTTPS traffic (as described in sk64162).

  • Output of the netstat command on the Security Gateway shows many connections on port 80 opened to Akamai server:

    [Expert@FW:0]# netstat -anp | grep ':80'
    tcp        0      0 x.y.z.w:n          a.b.c.d:80            TIME_WAIT
    tcp        0      0 x.y.z.w:n          a.b.c.d:80            TIME_WAIT
    tcp        0      0 x.y.z.w:n          a.b.c.d:80            TIME_WAIT
    ...
    tcp        0      0 x.y.z.w:n          a.b.c.d:80            TIME_WAIT
    
    where:
    x.y.z.w:n is the Security Gateway's IP address and Source Port from which the connection was opened
    a.b.c.d:80 is the current Destination IP address of Akamai server - Check Point updates.
  • Output of top / ps auxw commands shows that the RAD daemon consumes CPU at a high level, especially when the traffic volume is high.

  • The issue is more likely to occur on VSX Gateways.

Cause
  1. (Issue 01400769) Resource Advisor (RAD) daemon does not reuse connections (opens new connection for each request).
  2. (Issue 01861543) Resource Advisor (RAD) daemon sends one categorization query to Check Point cloud in one connection. As a result, the rate of the connections' creation/deletion can be low, which in turn impacts performance.

Solution
Note: To view this solution you need to Sign In .