garbo

Craven Dingus Data Hermit

E-mail | Bluesky | Mastodon
SA | Steam | YouTube
πš…π™Ύπ™Έπ™³ πšƒπ™΄π™°π™Ό
PFP by Kanna Banana


Recently the Fortinet FortiGate 60F firewall in my home network has been experiencing some kind of gradual memory leak resulting in the device entering Conserve Mode. This is happening maybe once a fortnight and I suspect it is due to the amount of traffic I'm handling (Ingress to my PC and egress from Plex) and that I've turned on all the features. 😈


Now in theory when a FortiGate enters Conserve Mode it should be able to get itself out by aggressively freeing up memory. However as I've found when my device enters Conserve Mode it cannot recover on its own and whilst in Conserve Mode everything other than core admin functions are slowed to a crawl, so much so that latency goes through the roof and it starts dropping packets. Usually I have to reboot the device to get it back to normal again.

Because I am lazy I am yet to attempt diagnosis whilst it's in Conserve Mode to see whether it's process or shared memory that's the issue. Instead as a workaround I created a new Automation Trigger to fire when the device enters Conserve Mode, a new Automation Action to reboot the device with a limit of once per 24-hours and put these together in an Automation Stitch. This means that the next time the device enters Conserve Mode it will send me an alert e-mail and then automatically reboot!

Problem solved. 😎

If you'd like to read more about my stupid home network then click here.


You must log in to comment.

in reply to @garbo's post:

I'm running the 7.2 "Feature" release but I'm pretty sure it's available on the 7.0 "Mature" release. Might have also been back-ported to 6.4.

Edit: if you're running 6.4 please upgrade to latest 7.0 patch release! It's just so much better (RIP if you have D-series hardware that won't run 7.0)! 😁

I dont get to manage this stuff for work (yet, I’ll probably take it over Eventuallyℒ️) and my bench/lab firewall is a 100D. Gotta wait until a customer grows out of an F-something before it finds its way to me 🀷 i’ve futzed with a few 60F’s for customers though and overall i like the new UI well and good enough

that’s my fortinet rambling thanks for listening

Pinned Tags