Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 16 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 11635 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SOPHOS XG Fw - How to Clear SWAP Cache?.

Enzo Bustos

Hello!

I need your help with some doubts about how to clear the swap cache or swap usage?, i tried to do a linux proceding with the the swapoff -a && swapon -a command but no works on XG, this because fstab directory not exists.

 

Waiting for your early reply

 

Best regards!



This thread was automatically locked due to age.
Parents
  • 0

    Hello Enzo,

    Why would you like to remove the swap cache? If your concern is regarding Web Cache, then we have a toggle to disable the cache under web> general settings.

  • 0 in reply to Aditya Patel

    Hello Adytia, 

    The situation of cleaning the swap cache is due to the fact that our firewall is currently using  95 to 98% RAM and SWAP and it has generated  faults in the operation of the virtual appliance.

    Here is an image of the swap resources used:

    a few days ago, we disabled IPS, Antivirus, Hotspot and Web Server protection Services, but there were no changes, and this shows me too much postgres processes that i known it used by snort.

     

    Waiting for your early reply.

  • 0 in reply to Enzo Bustos

    Hello Enzo,

    The swap memory consumed is normal and if you have started using IPS then the memory consumption would also increase which is well within expectation. As per the usage on the system the SWAP, total memory and most of your memory is cached. 

    The image is from a XG firewall with no load and has configured for 2 GB ram. There will be no performance impact and the memory is reserved. As your memory is higher the amount of free memory is less and but they are mostly cached/reserved.

    The ram management has changed since Cyberoam as in Cyberoam the amount of free RAM will directly conclude the capacity of the machine. when reached 90 to 100% performance issue is observed. In SFOS it is completely different the amount of RAM is reserved at the start and used for your resources when needed. If the system is acting up you may check the RAM impact as the " 0.0%wa," would indicate the amount of process awaits to be processed.  Ideally 0 but would be normal >1.0 or 2.0 depending on the model.

  • 0 in reply to Aditya Patel

    Adytia

    First of all, thank you for the reply and the documentation, it really helps me to understand how Sophos XG manage the system resources. But i have some doubts that Why WebGUI alerting this as a negative output.

     

     

     
    It would be advisable to make an extension of RAM?.

    This really worries me because the device have experienced some fails about the correct networking operation because the utilization resouces affecting operative continuity of our clients.
     
    Best Regards.
  • 0 in reply to Aditya Patel

    Adytia, 

    Adding this, the IPS service and other too, here's the output of the System service status:

     

    That's my doubts are generated related to the utilization resources, because they were disabled.

     

    Waiting for your early reply.

     

    Thanks for all help!

     

    Best Regards

  • 0 in reply to Enzo Bustos

    Hello Enzo,

    It does seem that some process is causing high utilization on your SWAP memory, could you please check go to atop and press S and check which process is taking the most of the cpu and also check by pressing p and check at that time which process is taking high swap memory. 

    We suspect the issue could be with one of these process, also could you please let us know if you are on the latest version?

  • 0 in reply to Aditya Patel

    Aditya,

    Here's the ouput from atop 

     

    The current firmware versión is 17.1.4-MR4, applied about 3 weeks ago.

  • 0 in reply to Aditya Patel

    Hello,

     

    Any helps with this?, it really worries me, because this can cause abnormal operations...

     

    Waiting for replys.

     

    Best Regards.

  • 0 in reply to Enzo Bustos

    Hello Enzo, 

    We have received your case and would monitor this issue further. 

  • 0 in reply to Aditya Patel

    Additya,

    Today, our client was affected by the same issue related to the networking service loss, corresponding to the port forwarding where the during the midnight Tuesday 05-02 23:30 PM approximely.Where the firewall lost the publication of the ports and this made it impossible to publish the services. In order to get out of the serious problem, the device had to be restarted, allowing to recover the services again.. In order to get out of this serious problem, we had to increase the ram from 4GB to 6GB and restart the firewall, this action allow us to recover the service published.
     
    This happens by the high usage recources, and this is very annoying and very worry because the device functioning is not reliable, this issue it has happened every 2 months very recurrent.
     
    Waiting for your early reply
     
    Best regards
     
     
  • 0 in reply to Enzo Bustos

    Hello Enzo,

    Thank you for the update, as your case is still ongoing I would advise to wait until we reach the conclusion to this issue.

  • 0 in reply to Aditya Patel

    Ok Aditya, iĺl be waiting for your reply about this case.

     

    Thanks.

     

    Regards!

Reply Children