This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High httpproxy memory usage with 9.713 and 9.714

Hello,

I have a pair of virtual UTMs which have run for years with about 4G of RAM allocated to them. After the upgrade from 9.712 to 9.713 in Nov I noticed my swap usage climbing beyond its normal 10-15% level. The culprit was the httpproxy proces so I added about 1/2G to the VMs which returned the swap usage to about 15%. This past week I updated to 9.714 and observed the httpproxy process growing much larger driving swap usage into the 60% range.

The two systems run with almost identical configurations which change very little over time. Our usage patterns have not changed much either. I have not noticed anything in the release notes suggesting a significant change that should require more memory, so my suspicion at this point is that the httpproxy process has a memory leak.

The graph below shows 9.714 after a restart last week. Here is the current httpproxy memory/swap usage:

  PID USER      PR  NI  VIRT  RES  SHR S   %CPU %MEM    TIME+  SWAP COMMAND                                                                                                      
 4776 httpprox  20   0 6202m 1.6g 3996 S      1 38.4  46:09.01 4.4g httpproxy
                                                                                                     

--Larry



This thread was automatically locked due to age.
  • 9.713 started the 64-bit mode for http-proxy, Avira and Snort.  Are you running the bare minimum of system memory in the UTMs?

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Are you running the bare minimum of system memory in the UTMs?

    The 9.714 admin guide still says that 2GB is the min config, so no as I'm providing 4.5GB.

    > 9.713 started the 64-bit mode for http-proxy, Avira and Snort.

    Ah, that might well explain increased memory footprint. What I'm seeing given that I've provided a little over twice the required memory suggests that this may be a problem for people who upgrade smaller systems to 9.713+.

    And to confirm, I am running the 64-bit version: Release 9.714-4 64-bit

    It would be helpful if Sophos would verify that there is not a memory leak and provided guidance as to a significant increase in memory required for 9.713+

    --Larry

  • I went and checked mine after seeing this.  My swap usage is 0%, and I have 16GB memory running in my dedicated system for it.  Haven't been much of a VM fan when it comes to UTM, so I don't have it running in that configuration. I am running 9.714, but for some reason, I can't change my signature.  :\

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • I'm still on 9.710. After ~ 13.5 days, here's my stats

    UTM vm has 8GB of ram assigned.  Seems about inline with your 4.5GB assignment; 64bit mode enabled as well.

    I bumped the ram up to 16GB (from 8GB), so we'll see what it looks like after a week or two of usage.

  • Just keep in mind the version difference, as things changed in 9.713. That may be an associated thing.

    Edit:  I should mention that it's not a 64-bit install that changed, it's 64-bit mode for what I mentioned above.  Not the same as bit version installed.  ;)

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • As Amodin notes, 9.710 vs. 9.713 or 9.714. Mine have been running with 4G allocated for years now but once I went from 9.712 to 9.713 the httpproxy process began to grow driving swap usage up. I didn't mind the small (10-15%) but consistent swap usage as the throughput was adequate but what I was seeing was swap usage continuing to grow. Since I didn't see anyone else mentioning this, I added a 1/2G of memory and memory usage and swap seemed to level out. 

    Once I updated from 9.713 to 9.714 and I saw the swap climbing to 60% I figured it was time to raise a red flag as this is not workable if the stated system requirement is 2GB. Either the minimum requirement needs to be raised or the leak plugged. ;-}

    Jay Jay it would be interesting to see the SWAP column added to your output (f/F P in top)...note that my httpproxy process is up to 4.4G of swap used.

    --Larry

  •   

    I'll keep that in mind. Interestingly, looking at it right now, it's showing swap for some processes, but at the top showing 0M used of swap.  Something not adding up. This is with 16GB allocated to the VM.  I'd expect it to use no swap at all.

    It's not a big deal to upgrade. I've been meaning to do it for some time now, just not getting around to it. Need to generate a backup image, then create a snapshot, then upgrade.  If it fubars, roll back the snapshot.

  • Following up on this, the httpproxy process continues to grow:

    top - 09:54:36 up 10 days,  3:28,  1 user,  load average: 0.07, 0.08, 0.11
    Tasks: 155 total,   2 running, 152 sleeping,   0 stopped,   1 zombie
    Cpu(s):  2.0%us,  0.7%sy,  0.0%ni, 97.3%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
    Mem:   4460820k total,  4292284k used,   168536k free,    15272k buffers
    Swap:  4194300k total,  3956524k used,   237776k free,   841224k cached

      PID USER      PR  NI  VIRT  RES  SHR S   %CPU %MEM    TIME+  SWAP COMMAND                                                                                                      
     4776 httpprox  20   0 6901m 1.7g 3388 S      0 40.9  62:26.44 5.0g httpproxy                                                                                                     

    And, to put this in a little more perspective, the yearly memory usage with annotations for UTM upgrades and when I added memory to the VM:

    --Larry

  • I think we're seeing the 64-bit mode taking a part in this, just my personal opinion.  If your environment hasn't changed at all and mere updates are bringing swap usage that high, that could be the case. I really think at this point, the memory allocation for UTM is subpar, and that worries me for those going to XG with its limited hardware.  My UTM currently:

    And, I'm actually replacing my hard drive this evening, as it is finally failing after all these years (noticed since 9.714 a huge hesitation in the webadmin interface when clicking anywhere, smartctl shows some fail).

    My hardware hasn't changed in the past year at least, and my only change to it has been the CPU to a Xeon.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hi all,

    I can confirm this behavior. Before the update from Sophos UTM 9.713 to Sophos UTM 9.714-4 I had 10% swap usage in maximum. Since the update it increased day by day until yesterday to about 75%. Then I shut down the HA-Cluster (active/passive) and started the two nodes again. The swap usage increased again to 20%.

    There was no change of the configuration. There was only the update to Sophos UTM 9.714-4.

    The HA-Cluster is running on VMware ESXi 8.0 with 4 GB RAM for each node. The both ESXi hosts have Intel Xeon E3 CPUs.

    Kind Regards

    TheExpert