I have AWS FortiGate with T2.small instance size with the latest firmware version 7.2.3 and it keeps entering conserve mode, and I notice the following:FortiGate enters conserve mode when memory used"1585 MB" is below the red threshold"1769" and even below the green threshold. As a temporary solution I have raised red threshold.The following event is associated with entering conserved mode (Fortigate scheduled update fcni=yes fdni=yes fsci=yes idsurldb(4.00594) ffdb_full(7.02970) from 173.243.141.6:443). Any ideas on how to solve this!!!!

Explorer

Question

Kernel enters memory conserve mode

Forum|Forum|3 years ago
January 18, 2023
3 replies
6739 views

I have AWS FortiGate with T2.small instance size with the latest firmware version 7.2.3 and it keeps entering conserve mode, and I notice the following:

FortiGate enters conserve mode when memory used"1585 MB" is below the red threshold"1769" and even below the green threshold. As a temporary solution I have raised red threshold.
The following event is associated with entering conserved mode (Fortigate scheduled update fcni=yes fdni=yes fsci=yes idsurldb(4.00594) ffdb_full(7.02970) from 173.243.141.6:443).

Any ideas on how to solve this!!!!

FortiGate

CrackinRyder

Visitor III

I had this issue. It seems to go back to version 7.0.x

Fortinet Support gave me a work around which kills the WAD process which is usually responsible for this. Scroll down a few messages...
https://community.fortinet.com/t5/Support-Forum/Fortios-7-0-x-memory-leak/m-p/208721/highlight/true#M191819

Mohammed-MustafaAuthor

Explorer

Hello,

I can't define exactly which process is responsible for this!

can you share how I can find it?

Beside I feel my case is slightly different specially with the threshold part

srajeswaran

Staff

You are mostly hitting 798303

798303

The threshold for conserve mode is lowered.

https://docs.fortinet.com/document/fortigate/7.0.8/fortios-release-notes/289806/resolved-issues

This is fixed from 7.0.8 and 7.2.4

Mohammed-MustafaAuthor

Explorer

my current OS is 7.2.3, what is your suggestion?

srajeswaran

Staff

The 2 possible options I can think is 1. Move to 7.0.x version or 2. Wait for 7.2.4.

How long the system stays in conserve mode? Is it creating huge traffic disruption?

Mohammed-MustafaAuthor

Explorer

Actually, it does create huge impact, just this morning I have another appliance started to act the same, making huge business impact. I performed that last upgrade as they promise it will be solve but here we are again and I'm afraid even if they released a new update they problem will continue.

srajeswaran

Staff

Is it possible/feasible to start a new instance in 7.0.9 and migrate the traffic to that and monitor?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded