Just looking through the 6.4.8 Known Issues and found this:
721487 | FortiGate often enters conserve mode due to high memory usage by httpsd process. |
This seems to be similar to the WAD issue:
712584 | WAD memory leak causes device to go into conserve mode. |
I have a (sad) workaround for the WAD issue by regularly issuing diagnose test application wad 99 with auto-script.
However, there is no similar way for the httpsd.
It looks like I'd need to ssh into the box and first identify the httpsd PID with diagnose system top and afterwards issue diag sys kill 11 <process-Id>.
Conserve mode scares me off, since I have already had to drive twice to client locations to get an FG-60 and an FG-61 working again.
Thanks
Daniel
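As an added example (not part of the original post, and not Fortinet tooling): the two manual steps described above, scripted in Python. It parses `diagnose sys top` output saved from an SSH session and builds the matching kill commands; the sample output is constructed, and the column layout (name, PID, state, CPU %, memory %) and the `min_mem` threshold are assumptions.

```python
import re

# Constructed sample of `diagnose sys top` output (not captured from a real device).
# Assumed column layout: process name, PID, state, CPU %, memory %.
SAMPLE_TOP = """\
Run Time:  12 days, 3 hours and 41 minutes
2U, 0N, 1S, 97I, 0WA, 0HI, 0SI, 0ST; 1866T, 214F
          httpsd     1432      S       0.9    21.4
             wad      233      S       0.3     9.8
          httpsd      187      S       0.0     1.2
       ipsengine      260      S <     0.0     4.1
          httpsd     1519      R       1.5    18.7
"""

# One process row; the state column may carry a trailing " <" priority marker.
ROW = re.compile(r"^\s*(?P<name>\S+)\s+(?P<pid>\d+)\s+(?P<state>[A-Z])(?:\s+<)?"
                 r"\s+(?P<cpu>\d+\.\d+)\s+(?P<mem>\d+\.\d+)\s*$")


def parse_top(text):
    """Return one dict per process row; the two header lines do not match ROW."""
    procs = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            procs.append({"name": m["name"], "pid": int(m["pid"]),
                          "cpu": float(m["cpu"]), "mem": float(m["mem"])})
    return procs


def kill_commands(text, name="httpsd", min_mem=5.0):
    """Build `diagnose sys kill 11 <pid>` lines for `name` at or above min_mem %,
    largest memory consumer first. min_mem is a hypothetical threshold."""
    hits = [p for p in parse_top(text)
            if p["name"] == name and p["mem"] >= min_mem]
    hits.sort(key=lambda p: p["mem"], reverse=True)
    return [f"diagnose sys kill 11 {p['pid']}" for p in hits]


if __name__ == "__main__":
    for cmd in kill_commands(SAMPLE_TOP):
        print(cmd)
```

The threshold keeps small httpsd workers out of the list, so only the instances actually holding memory are restarted.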
Hello @dan,
Please check this article on Technical-Tip-How-to-restart-kill-all-processes
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-restart-kill-all-processes-with-fns...
Let us know if this helps.
Thanks,
Pavan
Fortunately I didn't have to do this for quite some time but "fnsysctl killall" still seems to work according to this post.
https://github.com/bluecmd/fortigate_exporter/issues/62
Toshi
Sadly, one FG-200E has had exactly the same memory leak issue running on v6.2.9 a couple of weeks ago.
What I did (on advice from a TAC supporter) was write a script with "fnsysctl killall httpsd" and create an automation stitch which was triggered by the event "enter conserve mode". Worked like a charm - the instant the log message was written, the script ran and reduced memory usage by 40%.
(The ultimate fix was to upgrade to v6.4.8. Good that I didn't know about the "Known issue" you cited.)
config system automation-trigger
    edit "enter_conserve_mode"
        set event-type low-memory
    next
end
config system automation-action
    edit "release_memory"
        set action-type cli-script
        set required enable
        set script "fnsysctl killall httpsd"
        set accprofile "super_admin"
    next
    edit "auto_high_memory_email"
        set action-type email
        set email-to "monitor@mysite.de"
        set email-subject "myFGT: stitch alert: conserve mode"
    next
end
config system automation-stitch
    edit "auto_high_memory"
        set trigger "enter_conserve_mode"
        set action "release_memory" "auto_high_memory_email"
    next
end
Thanks to @ede_pfau and @Toshi_Esumi . I will try fnsysctl killall httpsd.
It did not show any effect while manually testing, but I believe I will implement the given script.
Better sure than sorry..
Dan