OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: cwynd on May 16, 2017, 03:58:02 pm

Title: Correct swap configuration?
Post by: cwynd on May 16, 2017, 03:58:02 pm

Hello All, we have a 17.1 production OPNsense + ICAP server, all running smoothly - until yesterday.

Yesterday I added the emerging threats rules to suricata (which was already enabled with a limited ruleset), and after a few hours, the system started killing processes, and reporting "out of swap space".

The system is running as a Xen VM with 3G of memory and 3 NICs, and was set up accepting default install options a month or two ago. When I check from the shell

Code: [Select]

swapinfo -h no swap is present. After searching the forums, I am not clear if I should be configuring swap or not.

Would appreciate any advice on what is the right way to configure OS swap.

Thanks!

Title: Re: Correct swap configuration?
Post by: cwynd on June 27, 2017, 05:29:54 pm

Hello All, this continues to be an issue. I gathered some details from the latest incident, reported here:

Log Messages:

Code: [Select]

Jun 27 10:46:04 squid[32290]: Squid Parent: (squid-1) process 32803 exited due to signal 9 with status 0
Jun 27 10:46:01 kernel: pid 32803 (squid), uid 100, was killed: out of swap space
Jun 26 18:58:26 kernel: 906.076340 [ 792] generic_netmap_dtor Restored native NA 0
Jun 26 18:58:26 kernel: pid 37449 (suricata), uid 0, was killed: out of swap space
OPNsense is running as a xen domU, and is allocated 3.8GB of memory.

I got to this about 20 minutes after squid was killed by oom, and the attached snippet shows details on the memory allocation at the time.


Can anyone offer any hints about swap configuration please?? If I am asking in the wrong place, or if I missed a write-up on, apologies, please point me to same.

Thanks!