[rsyslog] Rsyslog 4.4.2: server out-of-memory with gnutls
Mr. Demeanour
mrdemeanour at jackpot.uk.net
Fri Nov 20 17:10:24 CET 2009
Mr. Demeanour wrote:
> Mr. Demeanour wrote:
>> Hi,
>>
>> I'm running a central rsyslog server with a couple of remote WAN
>> (internet) clients and several remote LAN clients. Traffic is low -
>> of the order of 10,000 messages per day. Internet clients
>> communicate with the server using gnutls. LAN clients are currently
>> using UDP. The server writes client logs to mysql, and also writes
>> messages of local origin to disk.
>
> Further to this:
>
> I have been running 4.5.6 for about a week now, *without* gnutls
> enabled. No leaks.
>
> This evening I re-enabled gnutls, and almost immediately noted
> excessive memory usage, *and* 99% cpu.
>
> It seems that the high CPU usage occurs with hosts outside my local
> network; it may be that there is some misconfiguration of NAT that is
> behind that problem.
Not NAT. It seems that I had set up the server certificate with an
incorrect CN.
I guess the client was trying repeatedly to make a connection that was
doomed to fail every time. That would explain the CPU spike. If there is
also a memory leak in the gnutls server code concerning connection
setup, that would explain the memory consumption also.
Perhaps rsyslog should give up trying to connect to a remote server, or
at least back off, if the error it encounters is of a kind that most
likely requires human intervention? Such would generally be the case if
a certificate is invalid.
--
Jack.
More information about the rsyslog
mailing list