Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
nobox
New Contributor III

7.2.1 and "Kernel enters memory conserve mode" with memory used below green

Hi.

I have a strange symptom after updating to 7.2.1 on 60F, I have the message "Memory conserve mode entered" once a day. The message is strange because the memory used is below the red threshold and even below the green threshold: "logdesc =" Memory conserve mode entered "service =" kernel "conserve =" on "total = 1918 MB used = 1493 MB red =" 1687 MB "green =" 1572 MB "msg =" Kernel enters memory conserve mode ".

One second after that "Kernel exits memory conserve mode"

Has anyone experienced something like this?

 

7 REPLIES 7
AEK
Honored Contributor

Hello

7.0.6 has fixed Mem conserve mode issue that is related to WAD process.

Try first to find which process is consuming your FGT's memory.

In my opinion I wouldn't install 7.2.1 in my critical prod env since the patch is not mature enough.

 

AEK
AEK
nobox
New Contributor III

it looks like the IDS database update is causing the memory limit to be exceeded, immediately after it (a few seconds later) this message will appear
2022-08-18 19:34:22 Fortigate scheduled update fcni=yes fdni=yes fsci=yes idsdb(21.00377) idsetdb(21.00375) from 173.243.142.6:443
2022-08-18 19:34:31 The system has activated session fail mode
2022-08-18 19:34:32 Kernel enters memory conserve mode
and this repeats itself daily as the IDS database is updated

 

AEK
Honored Contributor

Finding the problem is half solution.

You may try now schedule IDS DB updates during low traffic hours while a new patch is released. Notifying FNT support is a good idea so they work on a fix quickly.

AEK
AEK
nobox
New Contributor III

fix that works for me (and a workaround):

 

config system global
set memory-use-threshold-red 90
end

 

Debbie_FTNT

Hey nobox,

 

thank you for sharing!

Regarding the underlying issue (memory spike during update process), there is something similar currently under investigation; I have reached out internally to verify if what you have described matches what we're currently investigating.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
evertjanP
New Contributor

Same issue here with 7.2.1 on a 40F, just applied the workaround, so lets see tomorrow.

nobox
New Contributor III

hi, you can try this setting as well:

 

config ips global
set cp-accel-mode none
end

 

this definitely solves the problem but also turns off hardware IPS acceleration

Labels
Top Kudoed Authors