XG-7100-1U High CPU Usage



  • Hey all,

    Not sure if this is the correct place to post this but I think it is. I have two XG-7100-1U routers in place. One at our office and one at our datacenter location. I have an OpenVPN tunnel set up between the two locations. The router in the datacenter location is showing really high CPU usage, (this is the server side of the OpenVPN tunnel), while the office router is showing low CPU usage, (about 12% usage and this is the client side of the OpenVPN tunnel).

    I'm not sure why the one router has such high CPU usage and it concerns me some. I've attached a couple of screenshots showing the usage. Has anyone seen something like this before? Or is this normal etc.

    Also I'm not really sure what the Cryptographic Hardware setting should be set to under System->Advanced->Miscellaneous. And I'm also not sure what the Hardware Crypto should be set to under the configuration for the OpenVPN tunnel itself VPN->OpenVPN->Servers->Edit OpenVPN tunnel config->Hardware Crypto

    Thanks for any help anyone can provide. I'm still learning pfSense over the past few months.

    Thanks,

    Jeff

    ColoSystemActivity1.png ColoRouter1.png


  • Netgate Administrator

    It looks like the rate process is stuck there for some reason.

    What packages do you have installed on there?

    Steve



  • Hey Steve,

    Thanks for the reply. Just the core packages are installed, and the OpenVPN Client Export package. Screenshot included.

    I see there is an update for the OpneVPN Client Export Package available, guess I should run that update.

    ColoInstallledPackages1.png


  • Netgate Administrator

    Do you have a dashboard sat open somewhere with traffic graphs up for that interface?

    It should use anywhere near that even if you did but that's what the command is used for.

    It should be safe enough to kill those processes if you can't reboot. I suggest removing or hiding the traffic graph by default if you do have it up to avoid hitting it again.

    Steve



  • Steve,

    I can't think of anywhere else I might have the dashboard open on another PC etc. I'm the only person that logs into this router, which I do from my desk at work.

    I'm still learning pfSense so which processes need to be killed and how would I go about doing that? Command line? Or you can point me in the right direction documentation wise on how to do that.

    Again, thanks for your help and input on this, it is very much appreciated.

    -Jeff


  • Netgate Administrator

    You can kill those processes by the process number either at the command line or from Diagnostics > Command Prompt. E.g:

    kill 67039

    That should be a last resort in most cases. You should never normally need to kill processes but that has been running so long it's hard to imagine it's anything but stuck.

    Steve



  • Steve,

    I killed those three stuck processes and the CPU usage is back down to 10%-11%, which is the normal range.

    Thanks so much for your insight and help with this!

    -Jeff


  • Netgate Administrator

    Good to hear.

    Keep an eye on it, it's not clear what caused that.

    Steve


Log in to reply