Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN using 100% of One Core?

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 1 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • beremonavabiB
      beremonavabi
      last edited by

      This is the first time I've seen this.  If I'm reading this right, it looks like OpenVPN is using 100% of Core 2 on my SG-4860.  As far as I can tell, there's almost no network traffic (local or otherwise).  I guess I'll reboot.  But, has anyone else seen this on 2.3.4-RELEASE-p1?

      EDIT 1:  I've rebooted, but the CPU Usage on the Dashboard is still showing a fairly constant 25% usage and Diagnostics: System Activity still shows 100% on one core (the core number changes) for /usr/local/sbin/openvpn –config /var/etc/.

      EDIT 2:  I shut down my two OpenVPN clients, one OpenVPN server, the DHCP Service, and DNS Resolver one by one.  The CPU usage returned to normal (near zero) when I restarted the second OpenVPN client.  But it went to 25% when I restarted the DHCP server.  Went back and restarted that second OpenVPN client again and the CPU usage again went back to normal.  I'd read about a race condition between OpenVPN and Resolver (I think).  I assume that was it.
      ![20170805 -- pfSense Diagnostics System Activity High CPU Usage.PNG](/public/imported_attachments/1/20170805 -- pfSense Diagnostics System Activity High CPU Usage.PNG)
      ![20170805 -- pfSense Diagnostics System Activity High CPU Usage.PNG_thumb](/public/imported_attachments/1/20170805 -- pfSense Diagnostics System Activity High CPU Usage.PNG_thumb)

      SG-4860, pfSense 2.4.5-RELEASE-p1 (amd64)

      1 Reply Last reply Reply Quote 0
      • beremonavabiB
        beremonavabi
        last edited by

        For some reason, this behavior (OpenVPN getting stuck using 100% of one core) has changed.  This problem used to happen upon initial boot of the pfSense box.  This morning, I noticed the problem had happened without a reboot.  Running through the "restart each VPN client and Resolver" process does clear it.  But, going back to the Dashboard a while later again has one core stuck at 100% using openvpn.  I've done that several times now.  Does anyone else have a method of clearing this?

        SG-4860, pfSense 2.4.5-RELEASE-p1 (amd64)

        1 Reply Last reply Reply Quote 0
        • beremonavabiB
          beremonavabi
          last edited by

          I don't know if it's actually the reason for this (I'd been using this configuration for months without problem), but it looks like it might be a conflict between a Traffic Shaper and the OpenVPN clients on the pfSense box.  I'd had a CODELQ traffic shaper on my WAN and both OpenVPN WANs (to reduce buffer bloat).  I turned that off for both OpenVPN WANs (leaving just the WAN) and the problem went away.  With the Traffic Shaper on the OpenVPN WANs, running a speed test at:

          https://www.dslreports.com/speedtest

          invariably resulted in 100% use of one core until I restarted one or the other of my two OpenVPN clients.  Without the Shaper, no problem.

          SG-4860, pfSense 2.4.5-RELEASE-p1 (amd64)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.