Hi!

We encountered a problem monitoring our Checkpoint Firewall Clustes as
we see erratic outages on cluster interfaces. Opennms produces
icmp- and snmp-outages and marks the nodes as down. Meanwhile we can ping all the cluster interfaces from opennms host by command line without any loss.

It seems that checkpoint clusters have problems to distinguish between
multiple pings to different interfaces (in our case the physical and
the virtual interfaces of the cluster) when identification and sequence
numbers are static between the polls against different Interfaces on the same CheckPoint. This ist the case in opennms´s icmp poller as it
uses the same identification value in all icmp echo requests (and all
pollings start with sequence number 1 of course).

Also see Checkpoint SK26874. Unfortunately the here mentioned fix does not work for our environment. (it only lowers the intervall of the outages)

Is there a possibility to use per-poll-individual identification fields
in the echo requests?

Regards Tim Skopnik