Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PHP Fatal error: Allowed memory size of 536870912 bytes exhausted

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 4 Posters 697 Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      NetRunner8050
      last edited by

      Hey guys,

      pfSense Firmware:
      2.8.0-RELEASE (amd64)

      pfSense Hardware:
      Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
      16 GB DDR3 RAM

      I'm encountering a strange issue:
      Whenever I log in, I see the following error on my dashboard:

      [24-Jul-2025 21:54:16 Europe/Berlin] PHP Fatal error: Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes) in /usr/local/bin/kea2unbound on line 528

      I opened the file and tried increasing the memory limit to 2048M, but the change gets reset after every firewall reboot.

      I also tried editing the file shown below:
      88f0e5b9-4d9e-44db-af3f-da7acd862fb4-image.png

      However, I'm a bit lost at this point. I can only find very old threads, and it seems the code has changed. Previously, it looked like this:

      // Set memory limit to 512M on amd64.
      if ($ARCH == "amd64") {
      ini_set("memory_limit", "512M");
      } else {
      ini_set("memory_limit", "128M");
      }
      That would have been easy to modify โ€“ but unfortunately, it's no longer like that.

      Also, when searching the error on the forum or Google, I only find bug reports that are already marked as resolved or outdated threads from 5โ€“10 years ago.

      This issue seems to have started after upgrading to 2.8.0, but I can't say for sure if it's related.

      I don't have a huge configuration or setup โ€“ just a few aliases and maybe 5โ€“7 lists in DNSBL.

      Could anyone help me figure this out?

      Thanks in advance!

      S GertjanG 2 Replies Last reply Reply Quote 0
      • S Offline
        SteveITS Galactic Empire @NetRunner8050
        last edited by

        @NetRunner8050 It's exposed in the GUI now.

        https://forum.netgate.com/topic/198176/php-memory-error/3

        Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
        Upvote ๐Ÿ‘ helpful posts!

        1 Reply Last reply Reply Quote 0
        • stephenw10S Offline
          stephenw10 Netgate Administrator
          last edited by

          Make sure you are using Python mode in DNSBL.

          1 Reply Last reply Reply Quote 0
          • GertjanG Offline
            Gertjan @NetRunner8050
            last edited by

            @NetRunner8050 said in PHP Fatal error: Allowed memory size of 536870912 bytes exhausted:

            I can only find very old threads ...

            Euuuh ... not everybody runs pfSense on 'huge rigs' ? ^^

            Use this one :

            ef5ee7c7-8924-49db-ab55-d510b4f3a4a9-image.png

            and enter the word 'exhausted' - and limit the search for answers for the last 4 weeks :

            edb8509a-d9f8-4c94-bfb9-1522ee5e7255-image.png

            and scroll down : you find a second post, with the same question, same type of device.
            And the solution.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • stephenw10S Offline
              stephenw10 Netgate Administrator
              last edited by

              But specifically if you're running DNS-BL with a number of lists and kea2unbound make sure you're using Python mode to avoid this.

              GertjanG 1 Reply Last reply Reply Quote 1
              • GertjanG Offline
                Gertjan @stephenw10
                last edited by

                @stephenw10
                Very true.
                kea2unbound requests unbound a copy of it's local 'DNS' cache so it can check what has to be removed before it adds new DNS (& PTR) info, if needed.
                When Python mode isn't used, this local unbound cache can get very big.

                edit :
                To see it :

                /usr/local/sbin/unbound-control -c /var/unbound/unbound.conf list_local_data | wc -l
                

                If pfBlockerng is used without Python mode (also !), this cache can be very big.
                Reading, writing and parsing huge data streams with PHP creates classic "don't do that" situation.

                Btw, @cmcdonald (kea2unbound author, right ?) : what about a warning message in the log system when kea2unbound detects that the option Python Module under "Services > DNS Resolver > General Settings" is disabled ?
                The unbound config is already loaded, so checking would be easy :

                Disabling this option by itself is probably not an issue, but if pfBlockerng is installed and it uses DNSBL feeds, then things will go downwards very fast. See here :

                Memory exhaustion in kea2unbound when pfBlockerNG DNSBL is enabled in "Unbound mode" instead of "Unbound python mode"

                Or, as proposed in the bug comments : remove the "Unbound or Python" option completely in pfBlockerng, making Python mode default.
                And what the heck, why not remove the

                73568b2a-ae4c-4d4c-965a-47218552a089-image.png

                option also ?! Activate it by default. Not sure why it needs an option to disable it.

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                1 Reply Last reply Reply Quote 0
                • S SteveITS referenced this topic on
                • N Offline
                  NetRunner8050
                  last edited by NetRunner8050

                  Hey guys,

                  Thanks a lot! I implemented the changes, switched DNSBL to Python mode, and also increased the PHP memory limit to 4096 under
                  System > Advanced > Miscellaneous โ€” no more errors!

                  Iโ€™d upvote your comments, but it seems my reputation isnโ€™t high enough yet.

                  Anyway, thanks again to all of you โ€” this community is incredibly helpful and kind!

                  Edit: The Firewall needed a reboot after the changes.

                  GertjanG 1 Reply Last reply Reply Quote 3
                  • GertjanG Offline
                    Gertjan @NetRunner8050
                    last edited by

                    @NetRunner8050 said in PHP Fatal error: Allowed memory size of 536870912 bytes exhausted:

                    my reputation isnโ€™t high enough yet

                    Solved that.

                    No "help me" PM's please. Use the forum, the community will thank you.
                    Edit : and where are the logs ??

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.