While FortiGate routers from Fortinet are quite reliable, some bugs or strange behaviour can drive you crazy sometimes.
From time to time we face an issue where the unit is under high CPU usage and/or short of memory (RAM).
Usually it is caused by the Intrusion Prevention System (IPS) or the sFlow process. Of course, every issue must be investigated, but as a really quick-and-dirty solution IPS can be restarted with the following command:
diagnose test application ipsmonitor 99
or even disabled by:
diagnose test application ipsmonitor 98
Recently our FortiGate unit sent us an "SOS" notification with the message
Kernel enters memory conserve mode
Ughhh, sounds serious. The reason was a lack of RAM. Is 4 GB not enough for a modern firewall board?
# diagnose sys top
Run Time: 14 days, 18 hours and 4 minutes
7U, 0N, 7S, 74I, 0WA, 0HI, 12SI, 0ST; 3954T, 1990F
sflowd 8461 S 80.1 10.8
The sflowd process, the resource eater with 80.1% of CPU, can be calmed down as easily as this:
diagnose sys kill 11 8461
Here 11 is the SIGSEGV signal (restart) sent to the process, and 8461 is the process ID from the top command above.
Other performance diagnostic commands for FortiOS are:
get system performance status
diagnose sys top 2 50
diagnose hardware sysinfo memory
diagnose hardware sysinfo shm
diagnose firewall statistic show
diagnose sys session stat
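
To spot a runaway process like the sflowd case above without reading the output by eye, a captured "diagnose sys top" session can be parsed offline. The script below is an added example, not part of the original post or any Fortinet tooling. It assumes the header fields mean idle CPU percent (I), total memory in MB (T) and free memory in MB (F); the thresholds and the two extra process rows in the sample are constructed.

```python
import re

# Constructed sample: the capture from the post plus two invented process rows.
SAMPLE = """\
Run Time: 14 days, 18 hours and 4 minutes
7U, 0N, 7S, 74I, 0WA, 0HI, 12SI, 0ST; 3954T, 1990F
sflowd 8461 S 80.1 10.8
ipsengine 142 S < 3.9 6.2
httpsd 201 S 0.3 1.1
"""

# Header: "...74I, ...; 3954T, 1990F" (assumed: idle %, total MB, free MB).
HEADER = re.compile(r"(\d+)I,.*?;\s*(\d+)T,\s*(\d+)F")
# Process row: name, PID, state, optional priority flag, CPU %, memory %.
PROC = re.compile(r"^\s*(\S+)\s+(\d+)\s+([A-Z])(?:\s+[<N])?\s+([\d.]+)\s+([\d.]+)\s*$")

def parse_top(text):
    """Return (summary, processes) from captured 'diagnose sys top' output."""
    summary, procs = {}, []
    for line in text.splitlines():
        h = HEADER.search(line)
        if h:
            total, free = int(h.group(2)), int(h.group(3))
            summary = {"idle_pct": int(h.group(1)), "total_mb": total,
                       "free_mb": free,
                       "mem_used_pct": round(100 * (total - free) / total, 1)}
            continue
        p = PROC.match(line)
        if p:
            procs.append({"name": p.group(1), "pid": int(p.group(2)),
                          "state": p.group(3), "cpu": float(p.group(4)),
                          "mem": float(p.group(5))})
    return summary, procs

def offenders(text, cpu_limit=50.0, mem_limit=10.0):
    """Processes over either threshold, busiest first (limits are arbitrary)."""
    _, procs = parse_top(text)
    hot = [p for p in procs if p["cpu"] >= cpu_limit or p["mem"] >= mem_limit]
    return sorted(hot, key=lambda p: p["cpu"], reverse=True)

if __name__ == "__main__":
    summary, _ = parse_top(SAMPLE)
    print(summary)
    for p in offenders(SAMPLE):
        print(f'{p["name"]} pid={p["pid"]} cpu={p["cpu"]}% mem={p["mem"]}%')
```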