Considerations for Concurrent Connection nearing kernel table limit(s)

If a firewall has CoreXL enabled (or not enabled for that matter), what is the best way to check if the kernel table is approaching its limit for concurrent connections? In my experience, I have always used # fw tab -t connections -s because it shows aggregate values. I haven't been concerned so much about the individual core peak values with the cases I've worked on.


sk65463 indicates that there will be a discrepancy in output between # fw tab and # fw ctl pstat when ClusterXL is enabled. The solution suggests using # fw ctl pstat. However, in my calculations, # fw tab is more accurate. Eek!


These questions come up quite a bit even though Indeni already checks for both fw tab and fw ctl pstat. I want to hear from the community! Feed me!