cphi
Staff & Editor
Article Id 359651
Description

This article describes an issue where the FortiGate exhibits high memory usage by the SNMPD daemon when SNMP monitoring is enabled.

Scope

FortiGate v7.2.9, v7.2.10, v7.2.11.
Solution
High memory usage may occur when the SNMPD daemon spawns multiple child processes due to the frequency of SNMP queries. These child processes may fail to terminate properly and accumulate in memory over time.
 
This can be confirmed by running the command 'diagnose sys top-mem 1000' or 'diagnose sys top 1 1000 1' and observing more than 100 snmpd processes:
 
diagnose sys top 1 1000 1
snmpd 5854 S 0.0 0.0 24
snmpd 6004 S 0.0 0.0 2
snmpd 6031 S 0.0 0.0 8
snmpd 6042 S 0.0 0.0 3
snmpd 6049 S 0.0 0.0 2
snmpd 6060 S 0.0 0.0 12
snmpd 6076 S 0.0 0.0 7
snmpd 6158 S 0.0 0.0 1
snmpd 6166 S 0.0 0.0 2
.
 
The SNMPD process can be restarted using the command 'diagnose test application snmpd 99'; however, this may not clear all accumulated child processes, and memory utilization might not be reduced.
 
This issue has been resolved in v7.4.8 and v7.6.1.
 
Workaround:
Exclude the get-wad-stats OIDs using the CLI commands below.
 
config system snmp mib-view
    edit "bypassWAD"
        set include "1.3.6"
        set exclude "1.3.6.1.4.1.12356.101.8.2" "1.3.6.1.4.1.12356.101.9.2" "1.3.6.1.4.1.12356.101.10"
    next
end
 
For SNMP v1/v2:
 
config system snmp community
    edit [ID] <----- The change must be done on each SNMP community on the FortiGate.
        set mib-view bypassWAD
    next
end
 
For SNMP v3:
 
config system snmp user
    edit [NAME] <----- The change must be done on each SNMP user on the FortiGate.
        set mib-view bypassWAD
    next
end
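
Before assigning the bypassWAD view, it is useful to know which OIDs the monitoring system polls will stop answering. The following Python script is an added example, not Fortinet code: it assumes an OID is visible when it lies under an include subtree and under no exclude subtree, and the polled OID list is constructed sample data.

```python
# Added example: evaluate polled OIDs against the "bypassWAD" mib-view above.
# Assumption: visible = under an include subtree and under no exclude subtree.

INCLUDE = ["1.3.6"]
EXCLUDE = [
    "1.3.6.1.4.1.12356.101.8.2",
    "1.3.6.1.4.1.12356.101.9.2",
    "1.3.6.1.4.1.12356.101.10",
]

# Constructed sample of OIDs a monitoring template might poll.
POLLED = [
    "1.3.6.1.2.1.1.3.0",
    "1.3.6.1.4.1.12356.101.8.2.1.1",
    ".1.3.6.1.4.1.12356.101.10.1.2",
    "1.3.6.1.4.1.12356.101.100.1",  # shares a text prefix with 101.10 only
]


def parse_oid(text):
    """Turn a dotted OID (leading dot allowed) into a tuple of integers."""
    parts = text.strip().lstrip(".").split(".")
    if any(not p.isdigit() for p in parts):
        raise ValueError(f"not a numeric OID: {text!r}")
    return tuple(int(p) for p in parts)


def in_subtree(oid, subtree):
    """True when oid equals subtree or lies below it.

    Comparison is per sub-identifier, so 101.100 is not treated as a
    child of 101.10 the way a plain string prefix test would.
    """
    return oid[: len(subtree)] == subtree


def is_visible(oid_text, include=INCLUDE, exclude=EXCLUDE):
    oid = parse_oid(oid_text)
    included = any(in_subtree(oid, parse_oid(s)) for s in include)
    excluded = any(in_subtree(oid, parse_oid(s)) for s in exclude)
    return included and not excluded


def hidden_oids(polled, include=INCLUDE, exclude=EXCLUDE):
    """Return the polled OIDs that the view would no longer expose."""
    return [o for o in polled if not is_visible(o, include, exclude)]


if __name__ == "__main__":
    for oid in hidden_oids(POLLED):
        print("hidden by bypassWAD:", oid)
```

Any OID reported as hidden should be removed from the polling template or expected to time out once the view is applied to each community or user.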