Support Center > Search Results > SecureKnowledge Details
CPD, FWD, and FWM processes on the Security Management Server or the Security Gateway randomly crash and cannot start Technical Level
Symptoms
  • CPD, FWD and FWM processes on the Security Management Server or the Security Gateway randomly crash and cannot start.
  • "T_get_event: cannot register socket XXX (1024 sockets already registered for in)" line in the log file of the failed process ($CPDIR/log/cpd.elg, $FWDIR/log/fwd.elg, and $FWDIR/log/fwm.elg).
Cause

Processes cannot handle more than 1024 connections and fail.


Solution

This problem was fixed. The fix is included starting from:


Code was improved: The Log server now supports up to 2700 Gateways.


Check Point recommends to always upgrade to the most recent version (Security Gateway / Security Management Server / Multi-Domain Security Management Server).




If you are not able to install the Release or Jumbo Hotfix Accumulator that resolves this issue, then as a workaround, enable the Linux EPOLL API for the affected processes.

With this API, a process monitors one of a set of file descriptors to become ready to perform I/O (for more information, see https://linux.die.net/man/7/epoll and https://linux.die.net/man/2/select).

Important: Schedule a maintenance window.

  1. Connect to the command line on the affected Security Management Server or Security Gateway.

  2. Log in to the Expert mode.

  3. Edit the $CPDIR/tmp/.CPprofile.sh file:

    vi $CPDIR/tmp/.CPprofile.sh

  4. Add this line at the end:

    • To enable the Linux EPOLL API for all the affected processes:

      EPOLL_DISABLE=FALSE; export EPOLL_DISABLE

    • To enable the Linux EPOLL API for the CPD process only:

      EPOLL_DISABLE_CPD=FALSE; export EPOLL_DISABLE_CPD

  5. Save the changes in the file and exit the Vi editor.

  6. Restart the Check Point services:

    • On a Security Management Server:

      cpstop ; cpstart

      Important: This will disconnect all SmartConsole clients.

    • On a Multi-Domain Security Management Server:

      mdsstop ; mdsstart

      Important: This will disconnect all SmartConsole clients.

    • On a Security Gateway (Cluster Members):

      cpstop ; cpstart

      Important: In cluster, this can cause a failover.

  7. Confirm that the new environment variable is loaded:

    • If you configured the variable for all the affected processes:

      echo $EPOLL_DISABLE

    • If you configured the variable for the CPD process only:

      echo $EPOLL_DISABLE_CPD

    The output must show:

    FALSE

Related SK Articles:

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
Applies To:
  • This SK replaces sk161016

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment