[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  M0n0Wall ML <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] High CPU usage
 Date:  Sat, 19 Nov 2005 13:04:43 -0500
On 11/18/05, Lee Sharp <leesharp at hal dash pc dot org> wrote:
> >
> What about the issue with remote firmware upgrades on 64 meg machines?

the only person that actually replied back to Manuel with debug info
on the upgrade failures said they had 64 MB, but really had 32 MB.  I
don't know of any confirmed upgrade problems due to lack of RAM with
64 MB.

> And
> it seems that low memory machines using traffic shaping were the ones
> locking up recently...

many had a lot more too though.  running out of RAM won't make the
machine lock up, it'll make services crash due to no available memory
and no swap.  core routing/NATing/firewalling will continue

> When is extra memory "nice" to have and when is it
> critical?  And what is a good memory footprint?

1.2's racoon seems to have memory leaks under certain circumstances
for certain people.  I've never experienced them, but some have posted
info where it was using up way too much memory.  Others seem to have
reported issues with captive portal using only 64 MB.  I think all the
memory issues as of late are due to memory leaks, since nothing now is
significantly different than it was in earlier 1.2 betas or 1.1.

64 MB is sufficient for basically any install.  I run virtually every
feature, and never exceed 50% RAM use with 64 MB.  Quite a few people
ran pre-1.2 versions on 32 MB, just couldn't upgrade, and I know of
several that couldn't use IPsec.

From some off list discussion with Manuel for the sake of the
documentation, he also didn't think there were many, if any
circumstances where the stock image should use more than 64 MB.

Numerous IPsec connections (maybe 15-20+ simultaneous) may eat up
enough that you wouldn't be able to upgrade with 64 MB.  Big captive
portal deployments, and big DHCP deployments may take up more (talking
100+ users).  I don't recall any other situations where a legit need
(rather than memory leaks with 1.2) required more memory.