Workaround for tmm SNAT memory leak?

sol15010 says nomworkaround, however everything says (to me) that "bigstart restart tmm" should work here - why don't you try it on the standby box and check before and after using tmsh show /sys memory | egrep 'Max\ Alloc|source\ addr'? The worst it can do is restart without fixing the memory issue.......

Well to be really sure you should check with the TAC.

What is "TAC"?

Yes, the restart of tmm DOES clear the leaked memory. However it's an outage for that unit, which is probably why it's not listed as a 'workaround' :) [The restart is exactly what causes an outage when it restarts itself. You'll see an error in the tmm log when this happens and alarms go off, services failover, tmm restarts and we do the whole thing again]

FWIW I had the same issues in 11.2.1HF6 (Although it wasn't identified as a leak due to SNAT, it was a leak. The TMM would restart after about 4 days, so the temporary work-around until we dropped the ENG HF on the units was to schedule a tmm restart overnight on a rotating basis).

H

What I was thinking was to get the standby in a prepared state (memory cleared) so that when failover takes place (the sol article did mention this possibility) it'll still work. We can then do the same on the new standby.

We can't apply the standard HF release now, and we are waiting for an EngHF that will contain fixes for other issues that we have currently.

Possibly better if you initiate the failover yourself...

H

Just to give everybody a heads-up: There is a bug with "bigstart restart":

Bug 432260 - "bigstart restart" removes tmm route entry for 127.7.0.0 address for AAA server pool

After running the command, an AAA (LDAP) server could not be reached, resulting in a service outage.

I got bitten by this twice now. :-(

I am on v11.3.0.

But this workaround did get all memory back.