When a Linux system has been running for a long time without a reboot, repeated allocation and de-allocation of pages fragments memory, and the more often this happens, the quicker fragmentation sets in. The kernel may not always be able to defragment enough memory for a requested size in time. During Intrusion Prevention (IPS) scanning, if the system cannot allocate contiguous memory, the agent sends the Insufficient memory alert and cannot scan the network traffic.
Workaround:
Create a scheduled job to run Linux memory defragmentation. The memory defragmentation commands are:
echo 3 > /proc/sys/vm/drop_caches
echo 1 > /proc/sys/vm/compact_memory
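
One way to build the scheduled job so that it only runs the two commands when large contiguous blocks are actually scarce, by reading /proc/buddyinfo first. This is an added example, not part of the original article or the vendor's tooling; the thresholds, the script path, the cron schedule and the sample buddyinfo text are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: compact memory only when large free blocks are scarce.
# MIN_ORDER and MIN_BLOCKS are assumed values; tune them for the host.
MIN_ORDER=4      # order 4 = 16 contiguous pages (64 KiB with 4 KiB pages)
MIN_BLOCKS=50

# Sum free blocks of order >= $1 over all zones; reads buddyinfo text on stdin.
# Line format: "Node N, zone NAME c0 c1 ... c10", so order k is field 5+k.
high_order_free() {
    awk -v min="$1" '
        $1 == "Node" { for (i = 5 + min; i <= NF; i++) total += $i }
        END { print total + 0 }'
}

# True (exit 0) when fewer than $2 free blocks of order >= $1 remain.
needs_compaction() {
    [ "$(high_order_free "$1")" -lt "$2" ]
}

# The two commands from the workaround; requires root.
defragment() {
    sync                                  # flush dirty pages so drop_caches can free them
    echo 3 > /proc/sys/vm/drop_caches     # drop page cache, dentries and inodes
    echo 1 > /proc/sys/vm/compact_memory  # compact all zones
}

# Constructed sample of /proc/buddyinfo from a fragmented host (not real data).
sample_buddyinfo() {
    cat <<'EOF'
Node 0, zone      DMA      1      1      0      0      2      1      1      0      1      1      3
Node 0, zone    DMA32   4210   1907    612    118      9      3      0      0      0      0      0
Node 0, zone   Normal  15322   6021    933     77      4      1      0      0      0      0      0
EOF
}

# Hypothetical cron entry (path and schedule are assumptions):
#   */30 * * * * root /usr/local/sbin/defrag-check.sh --run
if [ "${1:-}" = "--run" ]; then
    if needs_compaction "$MIN_ORDER" "$MIN_BLOCKS" < /proc/buddyinfo; then
        logger -t defrag-check "high-order free blocks low, compacting"
        defragment
    fi
fi
```

Logging each compaction through syslog gives a record to correlate against the agent's Insufficient memory alerts, which shows whether the schedule is frequent enough.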