High memory usage of node process

This article describes the reason for high memory utilization in the node process.

Scope: FortiGate running v6.4.x, v7.0.x and v7.2.x.

On v6.4, the node process is used for:

  • Report management (which includes Security Fabric (CSF) / FortiView / Security Rating).
  • WebSockets.
  • Maintaining the CLI console widget when accessing the FortiGate via HTTP/HTTPS.

From v7.0 onwards, the node process is also responsible for:

  • Processing all incoming HTTP/HTTPS requests to serve static files (before v7.0, the HTTPSD process served static files).

On v7.0, the three main node.js scripts on a FortiGate are for:

  • Report runner (Security Rating).
  • CLI console.
  • SSL VPN QR code generation.

 

Security rating result submission is enabled by default on the FortiGate.
This feature submits security rating results to FortiGuard servers for data collection and continuous learning.
It is memory intensive and can lead to high memory usage by the node process.

High memory usage of the node process can be seen, for example, with the following commands:

 

diag sys top-mem
diag sys top 1 20 1

 

Example output from the ‘diag sys top’ command:

 

Version: FortiGate-400E v6.4.7,build1911,210825 (GA)
Run Time: 43 days, 22 hours and 40 minutes
0U, 0N, 1S, 99I, 0WA, 0HI, 0SI, 0ST; 7852T, 2818F
node 197 S 0.0 31.1 <– 31 % memory usage of the node process.
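
The following Python sketch is an added example, not part of the original article or Fortinet tooling. It parses saved ‘diag sys top’ output and flags the node process when its memory share crosses a threshold. The function names, the 25 % default threshold, the ipsengine sample line, and the reading of the header's T/F values as total/free memory in MB are assumptions.

```python
import re

# Constructed sample: the output shown above, plus one invented line
# (ipsengine) to exercise the optional priority-flag column.
SAMPLE = """\
Version: FortiGate-400E v6.4.7,build1911,210825 (GA)
Run Time: 43 days, 22 hours and 40 minutes
0U, 0N, 1S, 99I, 0WA, 0HI, 0SI, 0ST; 7852T, 2818F
node 197 S 0.0 31.1 <– 31 % memory usage of the node process.
ipsengine 254 S < 0.0 4.2
"""

# Columns: name, PID, state, optional priority flag, CPU %, memory %.
PROC_RE = re.compile(
    r"^\s*(\S+)\s+(\d+)\s+([A-Z])\s*([<N])?\s+(\d+(?:\.\d+)?)\s+(\d+(?:\.\d+)?)\s*$")
# Header line ends with "<total>T, <free>F"; values assumed to be in MB.
MEM_RE = re.compile(r";\s*(\d+)T,\s*(\d+)F")
# Trailing "<– comment" annotations as used in this article.
NOTE_RE = re.compile(r"\s*<[–-]+.*$")

def parse_top(text):
    """Return (total_mb, free_mb, processes) parsed from 'diag sys top' text."""
    total = free = None
    procs = []
    for raw in text.splitlines():
        line = NOTE_RE.sub("", raw)
        mem = MEM_RE.search(line)
        if mem:
            total, free = int(mem.group(1)), int(mem.group(2))
            continue
        m = PROC_RE.match(line)
        if m:
            procs.append({"name": m.group(1), "pid": int(m.group(2)),
                          "cpu_pct": float(m.group(5)), "mem_pct": float(m.group(6))})
    return total, free, procs

def flag_high_memory(text, name="node", threshold_pct=25.0):
    """List processes called `name` at or above threshold_pct (hypothetical default)."""
    total, _free, procs = parse_top(text)
    hits = []
    for p in procs:
        if p["name"] == name and p["mem_pct"] >= threshold_pct:
            # Rough size, assuming the memory column is a share of total memory.
            est = round(total * p["mem_pct"] / 100) if total else None
            hits.append({**p, "est_mb": est})
    return hits

if __name__ == "__main__":
    print(flag_high_memory(SAMPLE))
```

Run against periodic captures of the command output, this gives a simple trend check before and after changing the security rating settings.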

 

To disable security rating result submission, execute the following command:

 

config system global
    set security-rating-result-submission disable
end

 

In some cases, it might be required to also disable the scheduled rating and restart the nodejs process:

 

config system global
    set security-rating-result-submission disable
    set security-rating-run-on-schedule disable
end

To restart the nodejs process:

diagnose nodejs process restart      <– Before v7.0.

fnsysctl killall node      <– v7.0 onward.

Running a ‘killall’ on a process can make the system unstable.

 

Note:

The command ‘set security-rating-result-submission’ is no longer available on v7.4.x.
