SG-1100 Errros after upgrade to pf+ 21.05: excessive memory usage & message: "03[CFG] C_GetSlotinfo failed: SLOT_ID_INVALID"
-
Hi all,
After Upgrading to pfSense plus 21.05 on 4th june 2021 we have problems with our two SG-1100 that are connecting 2 sites via IPSec VPN. Now they have software 21.05.1 and problems still exist.
Every couple of weeks the SG-1100s are both running out of memory and then they start sending thousands of error messages. Traffic is still forwarded, but Management via WebGUI is nearly impossible and the number of error messages is flooding our DSL line (just 2 mbit/s error mesages).
Attached you have the error messages from syslog and the graph of memory usage over the last couple of months..
Any idea, is there any official statement from Netgate, is it a bug or known issue?
-
@houbidoo There is a memory leak in pcscd. If you're not using IPSec you can just stop the service, or there is a patch to disable it by default. It will be disabled by default in 21.09.
-
Yup. That. ^
-
Sounds great, we will discuss it and let you know what/if fixed the problem.
For my understanding: What does "If you're not using IPSec you can just stop the service,", does stopping the pcscd service interrupt IPSec?
-
@houbidoo read the Redmine cases…think it was ongoing log errors. Or just install the patch and reboot.
-
Yes, if you're running IPSec tunnels you will need to stop then start the service otherwise you will end up with excess logging. That shows as numerous bzip processes trying to rotate the logs as they fill.
Apply the patch via the System Patches package and reboot.Steve
