Heartbeat rejections occur when Deep Security Manager is installed in RHEL Kernel 3.10.0-957.21.3.el7 or AWS EC2 Kernel 4.14.123-86.109.amzn1.x86_64

- Updated:
- 17 Jul 2019
- Product/Version:
- Deep Security 10.0
- Deep Security 11.0
- Deep Security 12.0
- Platform:
- N/A N/A

Summary

When Deep Security Manager (DSM) is installed in Red Hat with Kernel 3.10.0-957.21.3.el7 or AWS EC2 Kernel 4.14.123-86.109.amzn1.x86_64, heartbeat rejections happen. It causes the managed Deep Security Agents (DSA) show offline status. Failure in sending policy and downloading kernel support package may also be observed.

Details

The issue is related to the changes introduced in Kernel 3.10.0-957.21.3.el7 and 4.14.123-86.109.amzn1.x86_64. However, same issue may also occur in the newer kernels.

To work around this issue, run the command below on the Deep Security Manager server to increase TCP socket buffer to 16K for the incoming heartbeats:

/opt/dsm/dsm_c -action changesetting -name settings.configuration.heartbeatSocketBufferSize -value 16384

By default, the value for TCP socket buffer is 2048.

Increasing the value may cause extra memory consumed and the memory usage relies on the number of incoming heartbeats from Deep Security Agents. The value can be lowered if excessive memory consumption is observed, however, the issue may reoccur if the value is too low.

Fix is planned to be implemented in the future update release.

Rating:

Category:

Troubleshoot

Solution Id:

1123226

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.