On Wed, 2007-05-09 at 14:05 +0000, Erich Titl wrote: > > Brad Langhorst wrote: > > I have a bering ulibc firewall running shorwall and ipsec. > > > > It's badly leaking memory. > > see: > > https://development.coopmetrics.coop/munin/mcgruff/mcgruff.html > > > > you can see that it leaks pretty hard during the nightly backups. > > > > i have to reboot every few days or the machine runs out of ram and > > becomes unstable. > > > > The bad news is that this machine is in production, and i can't take it > > down any time soon. > > > > I'm pretty sure that it's ipsec related because i don't lose memory when > > doing a big scp transfer NOT via the vpn. > > > > Removing the ipsec modules does not free up the ram. > > > > Any ideas? > > Anybody seen this problem before? > > Not before, but awoken by your message I looked at my freshly installed > ipsec installation and yes, from the looks of it it appears to leak. > > Can you tell us if this is traffic related, e.g. are you leaking more if > there is heavy traffic as opposed to just open tunnels? > > What release is this related to?
it is certainly related the the traffic... more with more traffic. if you have a look at those graphs you can see the free memory decreases in steps where there is a lot of traffic over ipsec0. i thought I mentioned the release... sorry LEAF Bering-uClibc 3.0 Rev 5 uClibc 0.9.28 I did upgrade the ipsec package recently hoping for a fix mcgruff# apkg -l ipsec ipsec 2.4.7 Rev 1 uClibc 0.9.28 here's the kernel info uname -a Linux mcgruff 2.4.33 #1 Mon Sep 4 15:52:08 CEST 2006 i686 unknown I saw in your other mail that you were able to calculate that it leaks 4 bytes at a time. How did you know that it's at word boundaries? I don't see this behavior the other side of the link (same hardware, this software): LEAF Bering-uClibc 2.3 uClibc 0.9.20 Rev 2 Linux cujo 2.4.32 #1 Sat Mar 4 21:00:13 CET 2006 i686 unknown ipsec 2.4.4 Rev 4 Openswan IPSEC have you tried kernel 2.3.34? brad ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
