[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] OpenVPN eats all my CPU when using the mgmnt interface


  • Subject: [Openvpn-users] OpenVPN eats all my CPU when using the mgmnt interface
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Wed, 5 Jan 2005 12:25:03 +0100 (CET)

I just observed that one of my OpenVPN processes were using 99% of my CPU on my newly installed password auth based firewall.

After some testing I've found that it's the management interface that's causing it. Starting OpenVPN and everything is calm, but as soon as I connect to the management interface, OpenVPN starts looping eating up all CPU, and it does not stop after I disconnect from the management interface. I have to restart OpenVPN to get rid of the problem.

Connecting with a OpenVPN client also causes openvpn to exit this loop.

openvpn@fw-ktn:/etc/openvpn$ openvpn --version
OpenVPN 2.0_rc5 i686-pc-linux [SSL] [LZO] built on Dec 16 2004

openvpn@fw-ktn:/etc/openvpn$ uname -a
Linux fw-ktn 2.4.26 #2 Wed Jun 30 15:30:57 CEST 2004 i686 unknown

This is what I get when running strace on the process:

poll([{fd=5, events=POLLIN|POLLPRI}, {fd=6, events=POLLIN|POLLPRI}, {fd=3, events=POLLIN|POLLPRI}, {fd=7, events=POLLIN|POLLPRI, revents=POLLNVAL}], 4, 10000) = 1
time(NULL) = 1104923675
poll([{fd=5, events=POLLIN|POLLPRI}, {fd=6, events=POLLIN|POLLPRI}, {fd=3, events=POLLIN|POLLPRI}, {fd=7, events=POLLIN|POLLPRI, revents=POLLNVAL}], 4, 10000) = 1
time(NULL) = 1104923675
poll([{fd=5, events=POLLIN|POLLPRI}, {fd=6, events=POLLIN|POLLPRI}, {fd=3, events=POLLIN|POLLPRI}, {fd=7, events=POLLIN|POLLPRI, revents=POLLNVAL}], 4, 10000) = 1
time(NULL) = 1104923675
poll([{fd=5, events=POLLIN|POLLPRI}, {fd=6, events=POLLIN|POLLPRI}, {fd=3, events=POLLIN|POLLPRI}, {fd=7, events=POLLIN|POLLPRI, revents=POLLNVAL}], 4, 10000) = 1
time(NULL)


This is the my OpenVPN config:

port 443
dev tap101
local xxx.xx.xxx.xxx
proto tcp-server

# Use username/password authentication.
auth-user-pass-verify /etc/openvpn/scripts/checkpsw-common1 via-env
client-config-dir /etc/openvpn/clients-config/common1

log /etc/openvpn/logs/common1
status /etc/openvpn/status/common1 10
status-version 2
management 127.0.0.1 1101

# IP address pool to push to clients.
ifconfig-pool 172.20.101.201 172.20.101.250 255.255.255.0

# TLS parms
tls-server
pkcs12 /etc/openvpn/keys/server.p12
dh /etc/openvpn/keys/dh1024.pem
tls-auth /etc/openvpn/keys/tls-auth.key

# Tell OpenVPN to be a multi-client udp server
mode server
daemon

client-cert-not-required
username-as-common-name

# Client should attempt reconnection on link
# failure.
ping 10
ping-restart 120
push "ping 10"
push "ping-restart 60"

# Fix MTU issues.
mssfix 1400

# The server doesn't need privileges
user openvpn
group users
persist-tun
persist-key

verb 3

--
_________________________________________________________
Mathias Sundman              (^)   ASCII Ribbon Campaign
NILINGS AB                    X    NO HTML/RTF in e-mail
Tel: +46-(0)8-666 32 28      / \   NO Word docs in e-mail


------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users