[rsyslog] Rsyslog 4.4.2: server out-of-memory with gnutls
Mr. Demeanour
mrdemeanour at jackpot.uk.net
Thu Nov 19 19:19:02 CET 2009
Mr. Demeanour wrote:
> Hi,
>
> I'm running a central rsyslog server with a couple of remote WAN
> (internet) clients and several remote LAN clients. Traffic is low -
> of the order of 10,000 messages per day. Internet clients communicate
> with the server using gnutls. LAN clients are currently using UDP.
> The server writes client logs to mysql, and also writes messages of
> local origin to disk.
Further to this:
I have been running 4.5.6 for about a week now, *without* gnutls
enabled. No leaks.
This evening I re-enabled gnutls, and almost immediately noted excessive
memory usage, *and* 99% cpu.
It seems that the high CPU usage occurs with hosts outside my local
network; it may be that there is some misconfiguration of NAT that is
behind that problem.
I note that leaks are possible with the versions of gnutls shipping with
Debian:
http://permalink.gmane.org/gmane.network.gnutls.general/1465
That document describes a leak that would be expected to arise during
connection setup, but not per message. I guess a dubious connection
(e.g. resulting from misconfigured NAT) might result in repeated setup
attempts, and so in leaks *and* cpu spiking.
--
Jack.
More information about the rsyslog
mailing list