Bug #13180
closedHigh CPU Utilization with pfb_filter since pfBlockerNG update to devel 3.1.0_4
0%
Description
SPECS:
-----
4 core Broadwell Xeon with SMT disabled in BIOS (0 logical cores)
32 GB DDR4 RAM
Powerd set to Maximum for all scenarios
BACKGROUND:
----------
This issue has been happening on both my 2.6 boxes and 2.7 development boxes that recently had pfBlockerNG devel updated to 3.1.0_4. It resolves only when I stop pfb_filter service (not an ideal scenario and unacceptable).
NOTE: A variant of this issue seems to keep rearing its ugly head every so often on PfSense in the past - based on personal experience and Reddit/netgate forum searches.
Every few seconds, pfctl -vvsr eats up CPU. ps auxwwd output below and top -aSH screenshot is attached (you can see 99% CPU). Disabling SMP is also not an option and this issue disabled total throughput of firewall drastically; also results in occasional dropped packets even with lowered throughput ceiling.
OUTPUT:
------
/root: ps auxwwd
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 0 0.8 0.0 0 976 - DLs 14:16 26:52.36 [kernel]
root 11 313.1 0.0 0 64 - RNL 14:16 1729:02.60 - [idle]
root 12 0.1 0.0 0 352 - WL 14:16 1:55.72 - [intr]
root 1 0.0 0.0 9496 936 - ILs 14:16 0:00.07 - /sbin/init --
root 82842 0.2 0.2 73432 53192 - S 14:26 4:10.27 |-- /usr/local/bin/php_pfb f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog /sbin/pfctl
root 12912 23.6 0.0 11936 3236 - R 00:27 0:02.58 | `-vvsr /usr/local/bin/dpinger
root 273 0.0 0.0 11732 2628 - Is 14:25 0:02.79 |-S -r 0 -i REMOVED FOR PRIVACY -p /var/run/dpinger_REMOVED FOR PRIVACY.pid -u /var/run/dpinger_REMOVED FOR PRIVACY.sock -C /etc/rc.gateway_alarm REMOVED FOR PRIVACY php-fpm: master process (/usr/local/lib/php-fpm.conf) (php-fpm)
root 649 0.0 0.1 105028 27956 - Ss 14:16 0:00.61 |-
root 651 0.0 0.1 138772 49844 - I 14:16 2:58.29 | |-- php-fpm: pool nginx (php-fpm)
root 3756 0.0 0.2 141164 50476 - I 14:18 3:15.34 | |-- php-fpm: pool nginx (php-fpm)
root 4095 0.0 0.1 138004 44696 - I 14:18 2:43.25 | |-- php-fpm: pool nginx (php-fpm)
root 4113 0.0 0.1 139072 49776 - I 14:18 3:02.07 | |-- php-fpm: pool nginx (php-fpm)
root 4134 0.0 0.1 140916 49952 - I 14:18 3:31.62 | |-- php-fpm: pool nginx (php-fpm)
root 7487 0.0 0.2 144276 54116 - I 14:19 2:54.59 | |-- php-fpm: pool nginx (php-fpm)
root 81544 0.0 0.1 111240 44908 - I 14:24 3:12.46 | `-- php-fpm: pool nginx (php-fpm)
root 689 0.0 0.0 11388 2892 - INs 14:16 0:00.07 |-- /usr/local/sbin/check_reload_status
~ truncated for privacy (too many gateways and pingers with IP/config details) :) ~
SEE ATTACHMENT
Files
Related issues
Updated by RED SKULL over 2 years ago
not sure why there is strike-through and cannot edit original but this is line of significance in OP:
root 12912 23.6 0.0 11936 3236 - R 00:27 0:02.58 | `- /sbin/pfctl vvsr
ie. 23.6 load in ps auxwwd output.
Also, prior picture attachment shows 99% load from pfctl. this happens every few seconds and keeps load high. It is a huge issue due to lowered responsiveness and throughput.
Updated by Michael Novotny over 2 years ago
Looks like a duplicate or related to #13154
Updated by Marcos M over 1 year ago
- Subject changed from High CPU Utilization with pfb_filter since PfBlockerNG update to devel 3.1.0_4 to High CPU Utilization with pfb_filter since pfBlockerNG update to devel 3.1.0_4
- Status changed from New to Duplicate
- Affected Architecture deleted (
amd64)
Updated by Marcos M over 1 year ago
- Is duplicate of Bug #13154: pfBlocker causing excessive CPU load added