epefti
Staff
Article Id 395284
Description

 

This article describes how to troubleshoot high memory utilization on FortiSwitch when the IoT devices scanning service is enabled.

 

Scope

 

FortiGate, FortiSwitch.

 

Solution

 

It has been observed in many customer environments that memory utilization on FortiSwitch becomes high when the IoT scanning service is enabled. When IoT scanning is enabled, FortiGate periodically pushes a packet-sampling configuration that asks FortiSwitch to capture some packets; in return, FortiSwitch sends the captured packets to FortiGate.

FortiGate can use the identified devices for storage and display. In environments where IoT device scanning and monitoring are not required, it is recommended to disable them, as they create additional CPU and memory overhead on low-end switches, i.e., the 108 and 124 models. Set the iot-weight-threshold value to 0 to disable IoT detection.


config switch-controller system
    set iot-weight-threshold 0
end

 

Starting in FortiOS v6.4.3, IoT detection can also be managed per FortiLink interface. IoT detection is disabled by default, but it is better to verify that it is disabled. If the setting does not show under the FortiLink interface, then it is disabled. To confirm, run this command:

 

config system interface
    edit <FortiLink_interface>
        show full | grep iot
            set switch-controller-iot-scanning disable
end
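The same two checks can be run offline against a saved configuration backup. The following is an added example, not part of the original article and not a Fortinet tool. It assumes a single-VDOM backup in which FortiLink interfaces carry `set fortilink enable`, and it treats a missing scanning line as disabled, as described above. The function name `audit_iot` and the sample configuration are constructed for illustration.

```python
# Added example; SAMPLE_CONFIG is a constructed backup excerpt, not from the article.
SAMPLE_CONFIG = """\
config system interface
    edit "fortilink"
        set fortilink enable
        set switch-controller-iot-scanning enable
    next
    edit "fortilink2"
        set fortilink enable
        config ipv6
            set ip6-mode static
        end
    next
    edit "wan1"
        set mode dhcp
    next
end
config switch-controller system
    set iot-weight-threshold 0
end
"""

def audit_iot(config_text):
    """Return (iot-weight-threshold or None, {FortiLink interface: scanning state})."""
    depth, section, edit = 0, None, None
    threshold, interfaces = None, {}
    for raw in config_text.splitlines():
        words = raw.split() or [""]
        if words[0] == "config":
            depth += 1
            if depth == 1:
                section, edit = " ".join(words[1:]), None
        elif words[0] == "end":
            depth -= 1
        elif depth != 1:
            continue  # ignore nested tables such as "config ipv6" inside an edit
        elif words[0] == "edit" and len(words) > 1 and section == "system interface":
            edit = words[1].strip('"')
            interfaces[edit] = {}
        elif words[0] == "set" and len(words) >= 3:
            if section == "switch-controller system" and words[1] == "iot-weight-threshold":
                threshold = words[2]
            elif section == "system interface" and edit is not None:
                interfaces[edit][words[1]] = words[2]
    # Assumption: FortiLink interfaces carry "set fortilink enable"; no scanning line = disabled.
    scanning = {name: s.get("switch-controller-iot-scanning", "disable")
                for name, s in interfaces.items() if s.get("fortilink") == "enable"}
    return threshold, scanning

print(audit_iot(SAMPLE_CONFIG))
```

A threshold of `None` means the backup has no explicit `iot-weight-threshold` line, so the global setting has not been set to 0.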