hi we are using 2 600E in ha cluster, and today lot of complaint were received from end users that services got stop working. when i login on firewall the error was displayed as per subject and memory graph was in between 82-85%. We never faced this issue before so after few googling we tried to disable IPS but this did not help out (may be take some time to get memory down), so finally firewall was rebooted and secondary firewall becomes primary, memory goes at 67%.and everything start working fine. can somebody please suggest
1) how can we prevent this in future as our env is a very critical and cant afford any downtime due to this issue
2) how can we generate an email alert if conserve memory threshold value exceeds 75% or is there any way to prevent this error occurring again?
2) can we add more memory to device?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @babarmunir ,
You can refer this document to change threshold for conserve mode : https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/194558/conserve-mode
You can refer this document to avoid conserve mode: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Free-up-memory-to-avoid-conserve-mode/ta-p...
@babarmunir Can you please attach the crash logs.
Moreover, please run the following commands if again it goes into conserve mode before rebooting the device:
get system status
get system performance status <----- Use this command three times leaving a time 1 minute between each execution.
diagnose sys top 2 40 <-----Let this command run for 1 minute, then stop it via ‘q’.
diagnose sys top-summary <----- Let this command run for 1 minute, then stop it via ‘q’ - on FortiOS 6.4 this command does not exist.
diag sys top-mem <----- Run this command 4 - 5 times.
diagnose hard sysinfo memory
diagnose hard sysinfo slab
diagnose hard sysinfo shm
diagnose hard sysinfo conserve
diagnose debug crashlog read
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1629 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.