The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Kernel memory is 100% used when Application Control is enabled
Technical Level
Solution ID
sk117914
Technical Level
Product
Application Control, Security Gateway
Version
R77.30
OS
Gaia
Platform / Model
All
Date Created
19-Jun-2017
Last Modified
20-Jun-2017
Symptoms
The memory of the Security Gateway is full due to Kernel memory, when Application Control is enabled [Expert@admin]# fw ctl pstat
System Capacity Summary: Memory used: 100% (17877 MB out of 17877 MB) - above watermark
Concurrent Connections: 3% (7249 out of 199900) - below watermark
All web connections are originated from an internal proxy server.
In VSX environment, the "Virtual memory used" reaches 100%: [Expert@admin:2]# fw ctl pstat
Virtual System Capacity Summary:
Physical memory used: 48% (4300 MB out of 8899 MB) - below watermark
Kernel memory used: 5% (487 MB out of 8803 MB) - below watermark Virtual memory used: 100% (4014 MB out of 4014 MB) - above watermark
When clearing the connections table, the kernel memory is released.
To clear the connections table: [Expert@admin]# fw tab -t 8158 -x -y Note: Clearing the connections table causes a short outage while the connections are being re-established.
Clearing only the connections originated from the proxy server reduces the memory consumption of the kernel as well.
Cause
An unlimited amount of non-compliant HTTP responses causing the kernel memory to be full.
