Memory Issue Resolution [Документация VAS Experts]
Документация VAS Experts Документация VAS Experts-mobile
in

Settings

  • Show pagesource
  • Old revisions
  • Export to PDF
  • Fold/unfold all
  • ODT export
  • Export Page to HTML/PDF
  • Backlinks
  • Show pagesource
  • Old revisions
  • Export to PDF
  • Fold/unfold all
  • ODT export
  • Export Page to HTML/PDF
  • Backlinks
    • Stingray Service Gateway by VAS ExpertsSSG componentsFastDPI (DPI, BNG, NAT functions)AdministrationMemory Issue Resolution

    Memory Issue Resolution

    Attention! Do not change these parameters on your own. Please contact technical support for assistance.
    1. mem_tracking_flow — the amount of memory allocated for processing IPv4 flow when SSG starts.
      Each processed flow will be placed in this memory and will be processed according to the policies and rules defined in the configuration. The occupancy of this pool can be monitored in /var/log/dpi/fastdpi_stat.log (as described here). If the pool is exhausted, SSG will no longer be able to process new flows.
    2. mem_preset — the method of memory initialization in DPI.
      DPI allocates memory statically: at the start of the process and when creating some service profiles (such as NAT, blacklists, and whitelists), additional memory is not allocated during operation. Memory consumption grows because the Linux OS distinguishes between resident (marked as RES in top) and virtual (marked as VIRT in top) memory of the process. The peculiarity is that until the memory is initialized (actually initialized with zero), it is not recorded by Linux as resident and is moved there as it is initialized.
      Setting mem_preset=1 in the /etc/dpi/fastdpi.conf file allows DPI to initialize almost all allocated memory at the start of the process. This prevents the growth of resident memory (RES) during operation, as the memory is fully initialized immediately. However, this mode slows down the system start and requires a sufficient amount of physical RAM. It is recommended to take this factor into account and monitor the consumption of virtual (VIRT) and resident (RES) memory.
    3. mem_ssl_parsers — the amount of memory allocated for SSL processing when SSG starts.
      A clear sign that the current pool size is insufficient is the presence of errors in /var/log/dpi/fastdpi_slave_*.log such as: 
      [ERROR   ][000000118902699100][042E5F001EF5C480] Can't allocate record
ssl_state : IP : <IP:port> --> <IP:port>
[ERROR   ][000000118902954180][042E5F001EF5C50B] Can't allocate record
ssl_state_sni : IP : <IP:port> --> <IP:port>

      A lack of SSL parsers can lead to problems in processing HTTPS traffic (which may affect filtering by RKN lists).
      If such errors occur, it is recommended to increase the mem_ssl_parsers value by 1.5 - 2 times (considering the amount of free RAM).