High CPU utilization IPFW w/o captive portal



  • Hi All,

    Just noticed that my firewall which averaged maybe 4% total utilization has spiked to 50% in the last day or two.

    Using an older build:

    1.2.3-RELEASE
    built on Sun Dec 6 23:21:36 EST 2009

    I have 2 ipfw processes spiking around 100%! My understanding it that ipfw is only used for either captive portal or bandwidth shaping. We use neither.

    Other processes:

    We use OpenVPN for road warriors and a site-to-site IPSec VPN (though not sure how those are relevant.)

    Anyone know what might be going on or how I might investigate further? Also, I was wondering if I dared kill these processes where I'm not onsite. Would not want firewall to crash! There's several websites behind it.

    When I tryipfw showI get i```
    ipfw: getsockopt(IP_FW_GET): Protocol not available

    
    We use NAT for around 50 public IPs. We also use load-balancing. Could either of those features require ipfw?
    
    Perhaps, pf is not used with NAT enabled (I don't see it in processes.) In other words, we use NAT for everything so ipfw is the fire-walling processes? If thats true, I still see no reason for the sudden spike though.
    
    Thanks!


  • I'm  getting the same problem here.
    ipfw using 100% cpu and I don't use bandwidth nor captive portal.
    This is preventing my firewall rules to refresh.
    I could correlate the problem with the number of IPs inside a Alias list.
    Did you notice that too?

    ps: I use the same pfsense version that you do.



  • there's little chance someone will be able to help you… the version of pfsense you are using has allready been followed by 7 -newer- STABLE releases.

    in other words: try updating to the current -STABLE-  :)

    If the problem persists in the current version, by all means, report back to this thread.



  • Upgrade.