cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Memory status shows red color on management server

Hello, the memory status on the management server for the active gateway of a cluster is red (83%), although high memory consumption in the gateway does not seem to be a concern as far as Gaia uses the maximum available memory for buffers/ cache. What do you think ? Why is the management server showing this situation as an alert ?

Version R80.10 Take_70 for all systems

#free - m

Mem: total:7744 used: 7405 free:339 shared:0 buffers:25 cached:953

-/+ buffers/cache: used: 6426 free: 1318

Swap: total: 18394 used:0 free: 18394.

Thanks

Christophe

0 Kudos
13 Replies
Vladimir
Pearl

Re: Memory status shows red color on management server

It may be related to the caching of incorrect information by the management server. Take a look here: https://community.checkpoint.com/message/13131-re-clusterxl-on-take70-does-not-function-properly?com... 

0 Kudos

Re: Memory status shows red color on management server

The point is the information seems correct.

If I use the numbers of the free-m command: 6426/7744 represents 83 % of used RAM.

The interface in the SMS is somewhat disturbing (see picture) as it appears as a critical state.

Thanks

0 Kudos

Re: Memory status shows red color on management server

Maybe this is just the red mark for: we are above 80% memory, better no high traffic situation comes around. I would suggest to go up to R80.10 Take_70 # SmartConsole Build 024  asap

0 Kudos
Vladimir
Pearl

Re: Memory status shows red color on management server

In which case it makes perfect sense. It is not critical until there is a spike in traffic and, depending on the blades you have enabled, it very well may prove detrimental to overall system stability.

There is probably a way to adjust the threshold parameters for RAM, but I would not recommend doing it.

0 Kudos

Re: Memory status shows red color on management server

Thank you Vladimir and Guenther.

0 Kudos

Re: Memory status shows red color on management server

Hello, today (not a business day) the free -m command outputs:
Mem: total: 7744 used: 7285 free: 459 shared: 0 buffers: 25 cached: 977
-/+buffers/cache: used: 6281 free: 1463
swap: total: 18394 used: 1385 free: 17009
So the gateway started to swap.
Looking at the top command, wstlsd is the process that seems to consume memory.


We are investigating.

0 Kudos

Re: Memory status shows red color on management server

You must have taken these most recent screenshots/statistics on your firewall (not SMS as mentioned earlier in this thread) or you are running standalone.  You may want to start a different thread to avoid confusion as use of memory is quite different on a SMS vs. firewall.

wstlsd handles HTTPS negotiations associated with HTTPS Inspection (if enabled) or the "Categorize HTTPS Sites" checkbox if it is set.  It is normal for these processes to use a fair amount of memory.  There are two of them so it appears you have 2 Firewall Worker cores, which probably indicates your firewall has a total of 2 physical cores (at least with the default settings).  I'm guessing you have a 5100-5400, please confirm.

You have 8GB of RAM being reported, please confirm that Gaia is running in 64-bit mode.

The 1385 being reported by free -m indicates that at some point the firewall dipped into swap space (probably during a policy install) but does not mean the firewall is actively swapping right now (wa being 0.0% is a good indication that it is not).  Use sar -W to determine this for sure, and please see my posts about it in this thread:

Healthcheck script results 

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com

Re: Memory status shows red color on management server

Thank you Tim, I started a new thread https://community.checkpoint.com/thread/6930-why-is-memory-swapping-on-the-gateway and gave answers to your questions. I'm very new to Check Point product (but already bought your very useful book). Will execute healthcheck script next week to have more ideas about what's going on and to know if we are properly tuned.

0 Kudos

Re: Memory status shows red color on management server

Hi all.
What configuration actions need to be configured to reduce the load on the device's memory.


I have 5400 included the following blades:

FW, AP, URL, Content Awareness, Monitoring
IPS, Anit-bot, Anti-virus, TE

Smart Event Server

Smart Event Correlation

 

I make a CheckUp

Thacks

0 Kudos
Admin
Admin

Re: Memory status shows red color on management server

Doesn't sound like you have a separate management appliance.

If that's the case, I would strongly consider moving management/SmartEvent off to a separate appliance or VM.

How much RAM is in your 5400?

0 Kudos

Re: Memory status shows red color on management server

Yes, all on one device. There is no way to deploy separate management.

8GB

0 Kudos
Admin
Admin

Re: Memory status shows red color on management server

If you cannot break SmartEvent and Management off to a different system, I recommend adding additional RAM to your 5400.

0 Kudos
Highlighted

Re: Memory status shows red color on management server

Thanks, but these options are not right for the moment

0 Kudos