[Openswan Users] pluto causes system out of memory when interop with fortigate
Paul Wouters
paul at xelerance.com
Mon Aug 23 15:37:01 EDT 2010
On Mon, 23 Aug 2010, Jason Sigurdur wrote:
> Hi, I recently I upgraded to openswan 2.6.28 kernel version 2.6.20-1.2320.fc5 .
>
> Previously , I was having problems interoping a fortigate device into our network. I was getting:
>
>
> kernel: pluto invoked oom-killer: gfp_mask=0x201d2, order=0, oomkilladj=0
> It is still happening after 2-5 days? My other linux vpn systems are up for hundreds of days without restarting, but as soon as I add a ipsec tunnel from the fortigate device to a linux box , I start getting memory issues.
> I also noticed that the one vpn from the foritgate gives me logging every minute:
Looks like you are still leaking if it still happens.
> Any suggestions appreciated.
Edit programs/pluto/Makefile and enable LEAK_DETECTIVE. Run for a while (half a day?) so
that you leaked enough memory and do a proper "restart" of the ipsec service. It should
then log to the system log all the memory leaks. Post that here.
Paul
More information about the Users
mailing list