New Member

Solved

Fortios 7.0.x memory leak?

Forum|Forum|4 years ago
March 23, 2022
11 replies
45729 views

After upgrading our Fortigate 600E (two firewalls in HA) first to FortiOS 7.0.4 then later 7.0.5 we are experiencing what I suspect is memory leak issues.

Over time the memory usage goes up gradually to the point where the firewall goes into "conserve mode" and traffic forwarding stops. After reboot (HA failover) the memory usage is back down and then after about three weeks it goes into conserve mode again.

Anyone else experiencing the same problems?

Do you think I should just roll back to 6.4.x or wait for the next patch?

Best answer by notrixx

The memory usage issues we experienced after upgrading from 6.4.x to 7.0.x seems to have been resolved with upgrading to 7.2.0 so I consider this case closed.

A

Anonymous_User

New Contributor II

Hello @notrixx,

Thank you for using the Community Forum.

We see you are facing issues with memory leak on your firewall. If the memory leak started post the upgrade of the firewall, then it could be due to the known issues on the firmware 7.0.5v. To confirm if the firewall is matching any of that known issue, we would recommend you to create a support ticket with our TAC team.

Below is the link for the known issues on 7.0.5v

https://docs.fortinet.com/document/fortigate/7.0.5/fortios-release-notes/236526/known-issues.

Hope this helps.

Thanks,

Aashiq-Fortinet Community Team.

CrackinRyder

Visitor III

I too am facing this issue with a FortiGate VM64 device in Azure. Its running 7.0.5.

Over a period of 3-8 days, the device will use up memory until services fail on the device which require a failover to the secondary VM.

Snapshot over 24 hours...

What tool are you using to capture a longer time? I can only get 24hours on the device itself?

notrixxAuthor

New Member

We have FortiAnalyzer which provides more history.

fnaf

New Member

It's the same for me. TAC has raised many tickets for me. Some say there is, some say there isn't, and still others say it's an active bug that will be fixed in 7.0.3. five nights at freddy's

ede_pfau

SuperUser

When I ran into these leak problems using v6.2.9, I had to install an auto-script to have the FGT kill processes when the conserve mode threshold was exceeded (so I could sleep at night). In this case, https processes were running wild, sometimes starting 17 at a time, with just 1 user logged on.

You can script on the FGT itself or on a FAZ.

notrixxAuthor

New Member

Tonight I upgraded the 600E's to FortiOS 7.2.0

In a couple of weeks I probably know if the memory leak issues are resolved.

Toshi_Esumi

SuperUser

You mean "downgraded" from 7.2.5 to 7.2.0?

Toshi

notrixxAuthor

New Member

Upgraded from 7.0.5 to 7.2.0

aproost

New Member

Is upgrading to 7.2.0 the solution?

notrixxAuthorAnswer

New Member

The memory usage issues we experienced after upgrading from 6.4.x to 7.0.x seems to have been resolved with upgrading to 7.2.0 so I consider this case closed.

Mohammed-Mustafa

Explorer

I have upgraded to v7.2.2 but still receiving same problem!!!!

we need a solution to this!!!

FortiFollower

Visitor III

We're on 7.2.3 and still having the same problem.

robertl

New Member

On 7.4....10 months late...same problem. So happy we moved to FortiGate

ltambori

New Member

I'm still on 7.2.3 with 600E, 100F and 60F (all in HA) and have the same problem.
At this moment I have 3 tickets on fortinet support trying to solve it.
They send me a new IPS engine last friday because they detected the IPSengine process was using to much memory. After the upgrade the IPS engine solve the memory problem but today I received alerts of conserve mode because of WAD, so, the WAD still is a problem for Fortinet since a long time.