locked
wspsrv.exe taking all memory and crashes RRS feed

  • Question

  • Hello.

    I have problem with TMG. All run well, until I want to publis non-web service access (port forwarding). When I add rule wspsrv.exe turns mad.
    It slowly eats RAM and when no RAM is available, it crashes. Same scheme is repeated, when server is rebooted or firewall service is restarted, slowly eats RAM and crash down.
    I was searching for this issue a few days, I find some solutions for simillar problems with older ISA servers, but nothing helps me with TMG.

    Have anyone same experience or solution?

    Thanks in advance.

    • Edited by amissus Tuesday, December 2, 2008 1:44 PM
    Tuesday, December 2, 2008 11:49 AM

Answers

  • Hi Amissus,

    Our testing shows that the problem occurs only when trying to publish port 65535 (the last valid one).
    We recognize that this is a bug but as a temporary workaround, just avoid publishing it.

    Thanks,
    Amos
    • Marked as answer by amissus Sunday, December 7, 2008 9:49 PM
    Sunday, December 7, 2008 12:24 PM

All replies

  • Which TMG build are you using?
    Which protocol are you publishing?

    Thanks,

    Amos

    Tuesday, December 2, 2008 12:22 PM
  • TMG version 6.0.6.388.100.
    Forwarding any TCP port.
    Tuesday, December 2, 2008 1:44 PM
  • Hi Amissus,

    We were unaware of this issue.
    Can you confirm that this scenario below match your observation:
    1. Install TMG
    2. Add a server publishing rule for a server in the internal network
    3. Access that server from the External many times (can you estimate how many?)
    * Memory leak cause TMG to run out of memory and eventually crash

    - Can you sent us your configuration (to make sure, we'll need it if the scenario above does not expose the problem in order to help us reproduce it)?

    Thanks,
    Amos
    Wednesday, December 3, 2008 8:53 PM
  • Hello Amos.

    I confirm this scenario.
    1. Install TMG on Win 2008 x64 Enterprise/Standard server.
    2. Adding regular firewall rules or other activities, everything ok. 
    3. When add non-web server publishing role to localhost or internal network, any TCP port, wspsrv.exe goes crazy.
        It's not required to try access exposed port. Wspsrv.exe goes crazy immediately after adding rule.
        Slow grows in RAM and taking 60-70% CPU time, when all RAM is consumed, it crashes. 
        Localhost have still access to WAN, but internal network loss conection to localhost (server/gateway with TMG).
        When service microsoft firewall is restarted or server is rebooted, internal network gains connection for short
        time again, until wspsrv.exe again consume all RAM and crashes while CPU burns at 70%.
        
    I tried it many times on clear instalation of Win server 2008, without any other software instalation or settings (only built in DHCP and DNS server role for internal network behind TMG machine).
    Configuration is Athlon X2 4850e, 8GB RAM, AMD 780g chipset.

    Thanks in advance.
      
    Thursday, December 4, 2008 6:27 AM
  • Hi Amissus,

    I'm trying to reproduce this, publishing a DNS server, unfortunately I have no repro (the service memory is a flat line).
    I'm guessing that the problem is related to additional parameters in your configuration (either TMG or machine).
    How does the TMG machine IP addresses of each network adapter are defined (DHCP or static)?
    Can you export and send us your TMG configuration?

    Thanks,
    Amos
    Thursday, December 4, 2008 1:05 PM
  • Hello,

    IP addresses are both static.
    This is rough network scheme. Server running TMG does DNS and DHCP server for internal network yet.
    WAN network -------- TMG/DNS/DHCP server --------- LAN network

    WAN ip is static 10.0.0.0/25 given by ISP (public IP is mapped on ISP's router higher in network hierarchy).
    LAN ip is static 172.16.0.0/24.

    I try export TMG configuration. Where I can send it?

    Thanks.

    Thursday, December 4, 2008 1:48 PM
  • Hello,
    here are exported settings from TMG 
    http://amissus.xf.cz/tmg_exported.zip
    001.xml - settings before adding forwarding rule, everything OK.
    002.xml - added forwarded 65535 TCP port on local machine 172.16.0.11 and wspsrv.exe turns mad.
    Saturday, December 6, 2008 1:11 PM
  • Thank, we are investigating. I'll keep you updated.
    Sunday, December 7, 2008 11:06 AM
  • Hi Amissus,

    Our testing shows that the problem occurs only when trying to publish port 65535 (the last valid one).
    We recognize that this is a bug but as a temporary workaround, just avoid publishing it.

    Thanks,
    Amos
    • Marked as answer by amissus Sunday, December 7, 2008 9:49 PM
    Sunday, December 7, 2008 12:24 PM
  • Hello Amos,

    I confirm, that lower port then 65535 works correctly. Firewall is now fully operational :)
    Thank you for your time.

    Salute from Czech Republic.
    Sunday, December 7, 2008 9:49 PM