IPBan memory usage on windows server 2025 #316
Comments
|
Please zip and send logfile*.txt to [email protected] |
|
Out of curiosity, does IPBanProDatacenter have the same issue? There's a free trial you can install to test: https://ipban.com/products/ipban-pro-datacenter-free-trial-download/ This one doesn't use Windows firewall |
|
I installed version ipban 3.0 (.net9) and the final version of Windows Server 2025 (previously, I had Windows Server Preview), and the error persists. In two days, the svchost process increased to 500MB of RAM on two different machines. I’m going to try IPBanProDatacenter now. |
|
With the datacenter version, memory consumption is correct. DigitalRuby.IPBanProDatacenter.exe 42.6 MB RAM IPBan 3.0 |
|
99% sure this is a problem with Windows firewall then. Will have to investigate what changed with COM or their implementation in server 2025. Could be a MSFT bug ... |
I'm just about to install your product on Windows Server 2025 on production. Is it not recommended to do this yet? |
|
I forgot to ask, does restarting ipban clear the memory usage of the firewall service @fhm20 ? |
|
No. If I restart the service, the memory is not released. I opened a case with Microsoft. I'm waiting for their response. |
Unfortunately not recommended until memory leaks can be fixed in Windows |
|
This Win32 api call has had a memory leak for years, too: To work around it and surface firewall events properly in IPBan Pro, I had to write a separate executable, read it's std out from the main service, then kill the child process periodically as it filled up with RAM. You'd think calling All this is to say this wouldn't be the first time a memory leak crept it's way into Microsoft's firewall code. |
|
@fhm20 Does restarting the LocalServiceNoNetworkFirewall service clear the memory usage? |
|
I can't restart the process cleany. I have to kill the process, which causes the server to lose connectivity for a few seconds. After that, the memory is released. Microsoft technical support is still investigating the issue. |
|
What if the ipban service restarted this process daily at 3am for win2025 only, would that be acceptable? Or just wait for Microsoft response? |
|
It's not enough to restart the IPBan service to clean the memory. I would need to kill the svchost process, but I can't do that at night either. Would it be possible for you to adapt the DigitalRuby.IPBanProWFPEvents.exe to the free version? |
|
I mean restarting the
|
|
I am still analyzing the case with Microsoft. They are asking for memory dumps of the LocalServiceNoNetworkFirewall process to try to locate the issue. |
I'm testing IPBan on Windows Server 2025.
Server1: W2025 without IPBan. The process svchost.exe -k LocalServiceNoNetworkFirewall -p uses 6MB of RAM.
Server2: W2025 with IPBan 1.8.1 or 2.0.1. The process svchost.exe -k LocalServiceNoNetworkFirewall -p uses 2.1GB of RAM. Uptime: 15 days.
Server3: W2022 with IPBan 1.8.1. The process svchost.exe -k LocalServiceNoNetworkFirewall -p uses 22MB of RAM. Uptime: 30 days.
The RAM usage of svchost.exe -k LocalServiceNoNetworkFirewall on W2025 increases every day and does not release memory. In two days, it increased by 400MB.
I have the same 3 rules, "IPBan_GlobalBlacklist," each with 1000 IPs (3000 IPs in total), on all 3 servers.
This issue does not occur on W2022. Could you check if there is a memory problem with IPBan or if it is an issue with the firewall of Windows Server 2025?
Thanks
The text was updated successfully, but these errors were encountered: