Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
babarmunir
Visitor

memory conserve threshold values are hardcoded in FortiOS

hi we are using 2 600E in ha cluster, and today lot of complaint were received from end users that services got stop working. when i login on firewall the error was displayed as per subject and memory graph was in between 82-85%. We never faced this issue before so after few googling we tried to disable IPS but this did not help out (may be take some time to get memory down), so finally firewall was rebooted and secondary firewall becomes primary, memory goes at 67%.and everything start working fine.  can somebody please suggest

1) how can we prevent this in future as our env is a very critical and cant afford any downtime due to this issue

2) how can we generate an email alert if conserve memory threshold value exceeds 75% or is there any way to prevent this error occurring again?

2) can we add more memory to device?

2 REPLIES 2
dkochhar
Staff
Staff

@babarmunir Can you please attach the crash logs.
Moreover, please run the following commands if again it goes into conserve mode before rebooting the device:

get system status
get system performance status <----- Use this command three times leaving a time 1 minute between each execution.
diagnose sys top 2 40 <-----Let this command run for 1 minute, then stop it via ‘q’.
diagnose sys top-summary <----- Let this command run for 1 minute, then stop it via ‘q’ - on FortiOS 6.4 this command does not exist.
diag sys top-mem <----- Run this command 4 - 5 times.
diagnose hard sysinfo memory
diagnose hard sysinfo slab
diagnose hard sysinfo shm
diagnose hard sysinfo conserve
diagnose debug crashlog read

Dixit Kochhar
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors