Thread Info
  • Locked Locked
  • Replies 0 replies
  • Subscribers 2 subscribers
  • Views 1011 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Memory leak in IPv6 Tunnel daemon/process

Anthony Myers

I have been experiencing this problem for as long as I remember but I have finally made the effort to post about it. The provider of my IPv6 tunnel broker service limits the number of concurrent tunnel connections it will permit across all its users and therefore, if I have to reboot my Sophos UTM VM to install an update or the DHCP address provided by my ISP changes, another user will have taken the connection I was using before I can re-establish my tunnel connection and there it can take some time (days usually) before my IPv6 tunnel is re-established. While Sophos UTM is attempting to re-establish the tunnel connection, it logs a couple of messages like the following every second:

2018:02:25-00:00:02 xxxxx tspc[32767]: A TSP error occurred. Status: 301. Info: The server has reached its tunnel capacity limit.

2018:02:25-00:00:02 xxxxx tspc[32767]: Tunnel negotiation failed. Status: 393229

2018:02:25-00:00:02 xxxxx tspc[32767]: Disconnected. Retrying.

2018:02:25-00:00:02 xxxxx tspc[32767]: TSP version not supported by server: 2.0.2.

2018:02:25-00:00:02 xxxxx tspc[32767]: Failed to retrieve TSP capabilities.

2018:02:25-00:00:02 xxxxx tspc[32767]: Disconnected. Retrying.

The Daily Executive Reports will indicate an ever increasing physical memory usage over a period of a day or so while Sophos UTM is attempting to re-establish the IPv6 tunnel until all the physical memory is consumed and then they will indicate an ever increasing swap usage over the subsequent days. Once both the physical memory and swap are consumed, I receive an email notification like the following, after which much of the physical memory and swap is freed and then the process repeats itself until the IPv6 tunnel is successfully established:

From: "Firewall Notification System" <do-not-reply@fw-notify.net>

Date: 24 February 2018 at 9:10:58 pm AEDT

Subject: [xxxxx][INFO-176] IPv6 gogo6 Tunnel Broker client not running - restarted

IPv6 gogo6 Tunnel Broker client not running - restarted

--

System Uptime      : 21 days 6 hours 37 minutes

System Load        : 3.85

System Version     : Sophos UTM 9.506-2

Please refer to the manual for detailed instructions.

Once the IPv6 tunnel has been successfully established, any physical memory and/or swap that was consumed while Sophos UTM was attempting to re-establish the IPv6 tunnel remains consumed i.e. is not freed and must therefore be still considered in use by the process that has the memory leak.



This thread was automatically locked due to age.
Unfiltered HTML