Project

General

Profile

Actions

Bug #13180

open

High CPU Utilization with pfb_filter since PfBlockerNG update to devel 3.1.0_4

Added by RED SKULL about 1 month ago. Updated 15 days ago.

Status:
New
Priority:
High
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
2.6.0
Affected Plus Version:
Affected Architecture:
amd64

Description

SPECS:
-----
4 core Broadwell Xeon with SMT disabled in BIOS (0 logical cores)
32 GB DDR4 RAM
Powerd set to Maximum for all scenarios

BACKGROUND:
----------
This issue has been happening on both my 2.6 boxes and 2.7 development boxes that recently had pfBlockerNG devel updated to 3.1.0_4. It resolves only when I stop pfb_filter service (not an ideal scenario and unacceptable).

NOTE: A variant of this issue seems to keep rearing its ugly head every so often on PfSense in the past - based on personal experience and Reddit/netgate forum searches.

Every few seconds, pfctl -vvsr eats up CPU. ps auxwwd output below and top -aSH screenshot is attached (you can see 99% CPU). Disabling SMP is also not an option and this issue disabled total throughput of firewall drastically; also results in occasional dropped packets even with lowered throughput ceiling.

OUTPUT:
------
/root: ps auxwwd
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 0 0.8 0.0 0 976 - DLs 14:16 26:52.36 [kernel]
root 11 313.1 0.0 0 64 - RNL 14:16 1729:02.60 - [idle]
root 12 0.1 0.0 0 352 - WL 14:16 1:55.72 - [intr]
root 1 0.0 0.0 9496 936 - ILs 14:16 0:00.07 - /sbin/init --
root 82842 0.2 0.2 73432 53192 - S 14:26 4:10.27 |-- /usr/local/bin/php_pfb f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog
root 12912 23.6 0.0 11936 3236 - R 00:27 0:02.58 | `-
/sbin/pfctl vvsr
root 273 0.0 0.0 11732 2628 - Is 14:25 0:02.79 |-
/usr/local/bin/dpinger S -r 0 -i REMOVED FOR PRIVACY -p /var/run/dpinger_REMOVED FOR PRIVACY.pid -u /var/run/dpinger_REMOVED FOR PRIVACY.sock -C /etc/rc.gateway_alarm REMOVED FOR PRIVACY
root 649 0.0 0.1 105028 27956 - Ss 14:16 0:00.61 |-
php-fpm: master process (/usr/local/lib/php-fpm.conf) (php-fpm)
root 651 0.0 0.1 138772 49844 - I 14:16 2:58.29 | |-- php-fpm: pool nginx (php-fpm)
root 3756 0.0 0.2 141164 50476 - I 14:18 3:15.34 | |-- php-fpm: pool nginx (php-fpm)
root 4095 0.0 0.1 138004 44696 - I 14:18 2:43.25 | |-- php-fpm: pool nginx (php-fpm)
root 4113 0.0 0.1 139072 49776 - I 14:18 3:02.07 | |-- php-fpm: pool nginx (php-fpm)
root 4134 0.0 0.1 140916 49952 - I 14:18 3:31.62 | |-- php-fpm: pool nginx (php-fpm)
root 7487 0.0 0.2 144276 54116 - I 14:19 2:54.59 | |-- php-fpm: pool nginx (php-fpm)
root 81544 0.0 0.1 111240 44908 - I 14:24 3:12.46 | `-- php-fpm: pool nginx (php-fpm)
root 689 0.0 0.0 11388 2892 - INs 14:16 0:00.07 |-- /usr/local/sbin/check_reload_status

~ truncated for privacy (too many gateways and pingers with IP/config details) :) ~


SEE ATTACHMENT


Files

Untitled.png (149 KB) Untitled.png top -aSH screenshot RED SKULL, 05/18/2022 12:44 AM
Actions #1

Updated by RED SKULL about 1 month ago

not sure why there is strike-through and cannot edit original but this is line of significance in OP:

root 12912 23.6 0.0 11936 3236 - R 00:27 0:02.58 | `- /sbin/pfctl vvsr

ie. 23.6 load in ps auxwwd output.

Also, prior picture attachment shows 99% load from pfctl. this happens every few seconds and keeps load high. It is a huge issue due to lowered responsiveness and throughput.

Actions #2

Updated by Michael Novotny 15 days ago

Looks like a duplicate or related to #13154

Actions

Also available in: Atom PDF