Hello,
in one of our branches we have this FG60F cluster and we have problems. It is a critical one, not more than 20 users but it is a warehouse with antennas and we need 24x7.
Some months ago it entered in conserve mode and we dont really know what the people there did, but we had problems to get the HA working again. After that we deactivated IPS, SSL, etc. and some other memory issued configurations but at the end we updated the cluster to 7.4.5 and after that the memory usage in general was much lower. We checked and it was always between 50-55%.
This morning it happened again and right now they are using the slave unit (we dont know yet what the guys did). I wanted to check System Events in Forticloud since we removed local logging but I dont see any information there for the master unit.
Any suggestions? It seems crazy that we use a cluster and with this conserve mode issue we loose basically both FGs.
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Roland
You can start the troubleshooting from here.
Meanwhile you may implement a stitch to reboot the node on conserve mode, and since you have HA the traffic will not be impacted. I implemented this in production and it was very helpful.
Hi,
do you think it would be also recommended to put another action to reboot the unit so that the slave automatically takes over?
Did you have experience with that?
Thanks
Hi
Sure I had experience with that in production. I had a pair of FG in HA mode and from time to time it enters conserve mode without apparent reason.
I opened a ticket, but meanwhile I couldn't leave the production in such situation because the impact was huge. So I used a automation stitch to automatically reboot the active node when it enters conserve mode and it was very helpful.
Hello,
I would recommend to run the commands below while high memory usage is observed:
get sys perf status (memory usage and amount traffic and number of sessions)
diag hard sys mem (memory detailed information)
diag hard sys slab (slab detailed information)
diag sys top 99 99 (press "m" button to sort by memory) (list of processes and memory usage)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1714 | |
1093 | |
752 | |
447 | |
232 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.