Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Mohammed-Mustafa
New Contributor II

Kernel enters memory conserve mode

I have AWS FortiGate with T2.small instance size with the latest firmware version 7.2.3  and it keeps entering conserve mode, and I notice the following:

  1. FortiGate enters conserve mode when memory used"1585 MB" is below the red threshold"1769" and even below the green threshold. As a temporary solution I have raised red threshold.
  2. The following event is associated with entering conserved mode (Fortigate scheduled update fcni=yes fdni=yes fsci=yes idsurldb(4.00594) ffdb_full(7.02970) from 173.243.141.6:443).  

Any ideas on how to solve this!!!!

9 REPLIES 9
CrackinRyder
New Contributor II

I had this issue.  It seems to go back to version 7.0.x

Fortinet Support gave me a work around which kills the WAD process which is usually responsible for this.  Scroll down a few messages...
https://community.fortinet.com/t5/Support-Forum/Fortios-7-0-x-memory-leak/m-p/208721/highlight/true#...

Mohammed-Mustafa

Hello,

 

I can't define exactly which process is responsible for this!

can you share how I can find it?

Beside I feel my case is slightly different specially with the threshold part

srajeswaran
Staff
Staff

You are mostly hitting 798303

798303

The threshold for conserve mode is lowered.

https://docs.fortinet.com/document/fortigate/7.0.8/fortios-release-notes/289806/resolved-issues


This is fixed from 7.0.8 and 7.2.4

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

Mohammed-Mustafa

my current OS is 7.2.3, what is your suggestion?

srajeswaran
Staff
Staff

The 2 possible options I can think is 1. Move to 7.0.x version or 2. Wait for 7.2.4.

How long the system stays in conserve mode? Is it creating huge traffic disruption?

 

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

Mohammed-Mustafa

Actually, it does create huge impact, just this morning I have another appliance started to act the same, making huge business impact. I performed that last upgrade as they promise it will be solve but here we are again and I'm afraid even if they released a new update they problem will continue.

srajeswaran

Is it possible/feasible to start a new instance in 7.0.9 and migrate the traffic to that and monitor?

 

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

Mohammed-Mustafa

Hello,

I have been engaged with Fortinet support and it's seems that there's a bug in the firmware "AGAIN", and they will release new FortiOS very soon and it's should fix this bug.

 

Regards,

lol

Hello,


> FortiGate enters conserve mode when memory used"1585 MB" is below the red threshold"1769" and even below the green threshold.

 

The reported issue matches the internal engineering ticket 0798303.
Due to a miscalculation the conserve mode might be triggered before reaching the red threshold.
The cause got resolved in code in FortiOS 7.0.8 and 7.2.4.

 


> my current OS is 7.2.3, what is your suggestion?

 

FortiOS 7.2.4 got released recently, 7.0.8 is available since a longer time.

It's recommended to upgrade to 7.2.4.

 


> As a temporary solution I have raised red threshold.

 

Correct, as a workaround the thresholds should be increased:


config system global
set memory-use-threshold-extreme 97
set memory-use-threshold-green 90
set memory-use-threshold-red 95
end

 

And reverted back to the default after upgrading:


config system global
unset memory-use-threshold-extreme
unset memory-use-threshold-green
unset memory-use-threshold-red
end

 


Regards

Top Kudoed Authors