Fortigate conserve mode activated due to high memory usage and How to Resolve Fortigate Conserve Mode Issue
Problem:- FortiGate conserve mode activated due to high memory usage
Description:- While Fortigate Memory Utilization reaches 75% and above its Enter into Conserve Mode.
If memory use reaches the extreme level (95% memory used) New sessions are dropped and the red threshold conserve mode actions continue.
Red or extreme threshold conserve mode actions continue until the memory use reduces to the green threshold (default 82% memory used). At the green threshold, FortiGate returns to normal operation.
Troubleshooting Step:- Please find as below.
Collect logs from FGT during the same time.
diag sys flash list
get system status
get hardware status
get system performance status ----> (run this command 5 times in interval of 1 minutes)
diag sys top 2 50 ----------> (run it approximately 10 times to have representative samples)
diag sys top-summary -------> (Run for 30 Sec and CTRL C to stop)
diagnose autoupdate versions
diagnose hardware sys shm
diag hard sys mem
diag hard sys cpu
diag hard sys slab
diag sys session stat
diag firewall statistic show
diag debug crashlog read
diagnose hardware deviceinfo disk
2 From dia sys top-summary and dia sys top 2. will get out-put as below. where you can find a top processes which is consuming high memory.
3.Now you need to kill that process with process ID to overcome high memory utilization. find command for same as below
#dia sys kill 11 XXXX –> (Process ID)
Solution:– Now check current memory Utilization by the below command.
#get system performance status.
From the new 6.2 OS, we are able to set an Automation trigger for high memory utilization with a threshold value
so In the next article will find out how to set automation trigger in Fortigate 6.2 OS for conserve mode, so we can get proactively Alert