Technical Tip: High memory on SMB client daemon

To check the memory of smbcd memory utilization, use the command below:

diagnose sys top
Run Time: 0 days, 0 hours and 5 minutes
1U, 0N, 0S, 99I, 0WA, 0HI, 0SI, 0ST; 1866T, 707F
smbcd 304 S 5.4 7.8 3  <----- 7.8%.
forticron 159 S 0.4 1.1 2
newcli 361 R < 0.4 0.4 0

diagnose sys top
Run Time: 0 days, 0 hours and 7 minutes
1U, 0N, 0S, 99I, 0WA, 0HI, 0SI, 0ST; 1866T, 615F
smbcd 304 S 4.9 12.6 0 <----- 12.6%.
node 152 S 2.9 1.9 1
ipshelper 211 S < 0.1 1.7 0

diagnose sys top

Run Time: 0 days, 0 hours and 9 minutes
2U, 0N, 0S, 98I, 0WA, 0HI, 0SI, 0ST; 1866T, 519F
smbcd 304 S 5.3 17.2 0 <----- 17.2%.
node 152 S 2.9 1.9 0

If observing the smb client daemon increases gradually as shown above, it is possible to check the fsso-polling and find multiple fail counters as shown below,

MFM-FGT-SRR-81E-001 # diagnose debug fsso-polling detail 1
AD Server Status(connected):
ID=1, name(172.16.0.1),ip=172.16.0.1,source(security),users(IPv4:0, IPv6:0)
port=auto username=s-FortinetLDAP
read log eof=1, latest logon timestamp: Wed Feb 28 15:06:03 2024

polling frequency: every 10 second(s) success(6), fail(0)
LDAP query: success(0), fail(31)  <-----
LDAP max group query period(seconds): 1
LDAP status: connected

Restart the connection by going to Security Fabric -> External Connectors -> Active Directory Connector, disable by swiping to the left, and re-enable swiping to the right to restart the connection.

If the restart connection does not help and smbcd memory continues to increase gradually, restart the daemon gracefully using a specific smbcd process ID as shown below:

diagnose sys top

Run Time: 0 days, 0 hours and 12 minutes
1U, 0N, 0S, 99I, 0WA, 0HI, 0SI, 0ST; 1866T, 243F
smbcd 304 S 5.1 25.6 0  <----- Process ID 304.

MFM-FGT-SRR-81E-001 # diagnose sys kill 11 304