63 lines
2.7 KiB
Markdown
63 lines
2.7 KiB
Markdown
|
# 南京环境:TSGX设备Firewall占用内存高,频繁触发OOM
|
|||
|
|
|
|||
|
|
| ID | Creation Date | Assignee | Status |
|
|||
|
|
|----|----------------|----------|--------|
|
|||
|
|
| OMPUB-1194 | 2024-03-24T22:03:29.000+0800 | 刘学利 | 已解决 |
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
* 时间
|
|||
|
|
** 2024-03-25
|
|||
|
|
* 故障描述
|
|||
|
|
** 现象:Firewall启动后占用内存上升,直至触发OOM,可持续运行的时间从30分钟到1小时不等
|
|||
|
|
** 范围:全部已部署的TSGX设备(8台)
|
|||
|
|
** 原因:初步排查为dns业务命中后的日志缓存逻辑,具体原因待定位
|
|||
|
|
* 临时解决方案
|
|||
|
|
** 关闭已部署的TSGX设备上的DNS decoder
|
|||
|
|
*** tsg-os-cli关闭**liuxueli** commented on *2024-03-25T00:15:05.217+0800*:
|
|||
|
|
|
|||
|
|
* 问题原因:dns命中策略后缓存transaction较多导致内存占用极高
|
|||
|
|
* 12.3已hoxfix,运行一晚上观察内存使用情况。
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**gitlab** commented on *2024-03-25T10:44:23.999+0800*:
|
|||
|
|
|
|||
|
|
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|https://git.mesalab.cn/tango/firewall/-/commit/03b7f9b002825ace6ec781fd1727bf76c4b10fc9] of [TSG Appliance / firewall|https://git.mesalab.cn/tango/firewall] on branch [bugfix-memory-high-usage-OMPUB-1194|https://git.mesalab.cn/tango/firewall/-/tree/bugfix-memory-high-usage-OMPUB-1194]:{quote}OMPUB-1194: Only cache transactions until the end of the stream when the deny rule is hit{quote}
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**gitlab** commented on *2024-03-25T15:15:31.804+0800*:
|
|||
|
|
|
|||
|
|
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/tango/firewall/-/merge_requests/194] of [TSG Appliance / firewall|https://git.mesalab.cn/tango/firewall] on branch [bugfix-memory-high-usage-OMPUB-1194|https://git.mesalab.cn/tango/firewall/-/tree/bugfix-memory-high-usage-OMPUB-1194]:{quote}Resolve OMPUB-1194 "Bugfix memory high usage "{quote}
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**gitlab** commented on *2024-03-25T15:16:20.742+0800*:
|
|||
|
|
|
|||
|
|
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/tango/firewall/-/merge_requests/195] of [TSG Appliance / firewall|https://git.mesalab.cn/tango/firewall] on branch [bugfix-memory-high-usage-OMPUB-1194|https://git.mesalab.cn/tango/firewall/-/tree/bugfix-memory-high-usage-OMPUB-1194]:{quote}Resolve OMPUB-1194 "Bugfix memory high usage "{quote}
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**gitlab** commented on *2024-03-25T15:34:07.949+0800*:
|
|||
|
|
|
|||
|
|
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|https://git.mesalab.cn/tango/firewall/-/commit/c31108f7622b0f7dd7d520b9e5f738d82c494a47] of [TSG Appliance / firewall|https://git.mesalab.cn/tango/firewall]:{quote}OMPUB-1194: Only cache transactions until the end of the stream when the deny rule is hit{quote}
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
## Attachments
|
|||
|
|
|