Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[M/MX/PTX/T] Memory buffer utilization monitoring and generating SNMP trap proactively

0

0

Article ID: KB36351 KB Last Updated: 14 Dec 2020Version: 1.0
Summary:

This article explains how to monitor Memory Buffer (mbuf) utilization and trigger SNMP traps proactively.

 

Solution:

Mbuf is called the “kernel memory buffer.” It belongs to the IPC subsystem, and network and socket buffers are stored in it. If memory leaks are allowed to build over time in the networks, it results in cores, crashes, reboots, and memory corruption, which causes traffic impact. Mbuf memory usage can be monitored proactively and snmp_trap messages triggered at a certain threshold to notify administrators to take action before the system runs into a state where traffic would be impacted.

  1. If you want to determine that there is mbuf leakage, observe every few hours till you see signs of irreversible increase in usage. If usage is irreversible, then mbuf is leaking. (For example, dcd where when you add interface data, the percentage goes up and when you delete interface data, the percentage goes down. If the corresponding percentage is not going down, it means that memory is leaking and it is caused by dcd.)

Here's how you can find Mbuf:

> show system buffers 
8/4222/4230 mbufs in use (current/cache/total)
3/523/526/30000 mbuf clusters in use (current/cache/total/max)->if current is more than 15000,which is half of max,you should observe more frequently,see if it will go down.
0/256 mbuf+clusters out of packet secondary zone in use (current/cache)
0/0/0/0 4k (page size) jumbo clusters in use (current/cache/total/max)
  1. When you get an idea of the estimated leak range, you can use the Junos script to check and act on the leak.

Adding Script to Configuration for OP Usage

  1. Enable the OP script.

set system scripts op file pkt_mbuf_monitor.slax
  1. Set up the event script and enable monitoring every 5 minutes.
set event-options generate-event 5m time-interval 300
set event-options policy pkt_mbuf_monitor events 5m
set event-options policy pkt_mbuf_monitor then event-script pkt_mbuf_monitor.slax arguments output-type snmp-mib
  1. (Optional) Customize the threshold to send an SNMP trap. The default is 16.

set event-options policy pkt_mbuf_monitor then event-script pkt_mbuf_monitor.slax arguments threshold XXX
  1. (Optional) Create a log file to record when the script is triggered.

set system syslog file pkt_mbuf_log any info
set system syslog file pkt_mbuf_log match PKT_MBUF_Monitor
  1. Commit the script and test.

>op pkt_mbuf_monitor output-type both
PS:
## output-type has 4 flags
## default (no value) is terminal only, so you can run this command at any time to see the output
## output-type terminal – same as default, terminal only output
## output-type snmp-mib only populates the utility mib
## output-type both populates both above at same time

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search