Just looking over my firewalls in central management, one firewall stands out above all the others with RAM usage at 85%. Every other box is 25-35%. It seems to be ARC, which I believe is part of ZFS.
All firewalls are on 26.4 or 25.10 and have 8GB of RAM. Why would ARC usage be so high on one firewall?
Quote from: Isabella Borgward on Today at 12:57:35 PMAll firewalls are on 26.4 or 25.10 and have 8GB of RAM.
In theory ZFS should never use more than 50% of that IIRC so you should have nothing to worry about despite these values.
However...
QuoteWhy would ARC usage be so high on one firewall?
Do all of them have Hostwatch Enabled or not ?
It's a process that's constantly active and gave many of us all sorts of issues after it's release and that's why many of us also have it set ti Disabled !!
So you could try that too and see if things will change ?
Might need a reboot just to be sure... :)
Quote from: nero355 on Today at 02:01:43 PMIn theory ZFS should never use more than 50% of that IIRC so you should have nothing to worry about despite these values.
That used to be a hard limit set in Linux because Linux memory management had difficulties flushing ARC in case of memory pressure. In FreeBSD such a limit does not exist and ARC will happily use all available memory. This is not a problem. It will be freed if needed.
I don't know the current state on Linux. At least TrueNAS remove the hard 50% limit AFAIK.
Quote from: Patrick M. Hausen on Today at 02:22:40 PMAt least TrueNAS remove the hard 50% limit AFAIK.
Indeed :P
tn-25.10-mem.png
Yes indeed this device has Hostwatch enabled and the others do not! I will disable it and see what happens. It had found 800 hosts, I wouldn't think that would require so much RAM to keep track of.
After a bit more reading, it seems like ARC memory usage on BSD can be considered as not really used, because it can be evicted as soon as memory is really needed by a process. That being the case, I think OpnSense management tools should take this in to account and not show me a scary yellow usage bar if it's not really "used".
Before I managed to disable hostwatch, I started getting alerts about the Zabbix agent on this host.
I checked the logs and saw
[zone: pf states] PF states limit reached
being logged every few minutes.
Will ARC memory usage cause problems for PF states being created?
Quote from: Isabella Borgward on Today at 03:01:00 PMWill ARC memory usage cause problems for PF states being created?
No. The number of pfstates is kernel internal hard limit. You can increase it at
Firewall > Settings > Advanced > Firewall Maximum States