Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense High CPU Load Out Of Nowhere

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 3 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tlf30
      last edited by

      Hello,
      I have been running my pfSense router just fine now for about a year. But in the last couple days, around when I updated to the most recent version of 2.1.3-RELEASE (i386), my CPU load jumped from its normal 23% up to 50-100%. There is no  extra traffic, nothing has changed. I tried rebooting, no change.
      Here is my debugging:

      
# systat -vmstat 1

    1 users    Load  1.00  1.01  1.00                  Jun  8 08:11

Mem:KB    REAL            VIRTUAL                       VN PAGER   SWAP PAGER
        Tot   Share      Tot    Share    Free           in   out     in   out
Act   70792   14960   194996    20048  372676  count            
All   99776   18416  2328312    28432          pages            
Proc:                                                            Interrupts
  r   p   d   s   w   Csw  Trp  Sys  Int  Sof  Flt        cow    3996 total
             40        1M    8  841       156             zfod        ata0 irq14
                                                          ozfod  1998 cpu0: time
49.8%Sys   0.0%Intr  0.4%User  0.0%Nice 49.8%Idle        %ozfod  1998 cpu1: time
|    |    |    |    |    |    |    |    |    |    |       daefr
=========================                                 prcfr
                                        16 dtbuf        1 totfr
Namei     Name-cache   Dir-cache     34708 desvn          react
   Calls    hits   %    hits   %      1050 numvn          pdwak
       3       3 100                   134 frevn          pdpgs
                                                          intrn
Disks   ad0   md0                                   55240 wire
KB/t   0.00  0.00                                   39064 act
tps       0     1                                   24836 inact
MB/s   0.00  0.00                                     240 cache
%busy     0     0                                  372436 free
                                                    28944 buf


      # top -aSH

last pid: 26062;  load averages:  1.00,  1.00,  1.00                                                                                                 up 2+12:47:33  08:12:26
118 processes: 4 running, 93 sleeping, 21 waiting
CPU:  0.0% user,  0.0% nice, 50.0% system,  0.0% interrupt, 50.0% idle
Mem: 37M Active, 24M Inact, 54M Wired, 240K Cache, 28M Buf, 365M Free
Swap: 1024M Total, 1024M Free

  PID USERNAME PRI NICE   SIZE    RES STATE   C   TIME   WCPU COMMAND
   19 root     171 ki-6     0K     8K CPU0    0  60.6H 100.00% [idlepoll]
   11 root     171 ki31     0K    16K RUN     1  56.2H 85.35% [idle{idle: cpu1}]
   11 root     171 ki31     0K    16K RUN     0 204:41 13.38% [idle{idle: cpu0}]
  252 root      76   20  3352K  1196K kqread  0  12:04  0.00% /usr/local/sbin/check_reload_status
   12 root     -32    -     0K   168K WAIT    0   2:40  0.00% [intr{swi4: clock}]
22951 root      64   20  3264K  1252K select  0   1:44  0.00% /usr/local/sbin/apinger -c /var/etc/apinger.conf
91743 root      45    0 31060K 23480K accept  0   1:19  0.00% /usr/local/bin/php{php}
    0 root     -16    0     0K    72K sched   1   0:46  0.00% [kernel{swapper}]
79987 root      44    0  3412K  1436K select  0   0:23  0.00% /usr/sbin/syslogd -s -c -c -l /var/dhcpd/var/run/log -f /var/
   14 root     -16    -     0K     8K -       0   0:23  0.00% [yarrow]
55697 root      47    0 34260K 24560K accept  0   0:22  0.00% /usr/local/bin/php{php}
   12 root     -32    -     0K   168K WAIT    0   0:21  0.00% [intr{swi4: clock}]
51103 root      76   20  3644K  1512K wait    0   0:18  0.00% /bin/sh /var/db/rrd/updaterrd.sh
57889 root      76   20  3644K  1512K wait    0   0:17  0.00% /bin/sh /var/db/rrd/updaterrd.sh
28829 root      44    0  8004K  5540K kqread  1   0:15  0.00% /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.c
    3 root      -8    -     0K     8K -       0   0:09  0.00% [g_up]
   21 root      20    -     0K     8K syncer  1   0:07  0.00% [syncer]
18223 root      44    0  3264K   872K piperd  0   0:06  0.00% logger -t pf -p local0.info
18189 root      44    0  5868K  3344K bpf     1   0:06  0.00% /usr/sbin/tcpdump -s 256 -v -S -l -n -e -ttt -i pflog0
    4 root      -8    -     0K     8K -       0   0:05  0.00% [g_down]
74794 root      64   20  6048K  6068K select  1   0:05  0.00% /usr/local/sbin/ntpd -g -c /var/etc/ntpd.conf -p /var/run/ntp
    8 root     -16    -     0K     8K pftm    1   0:03  0.00% [pfpurge]
   12 root     -64    -     0K   168K WAIT    0   0:03  0.00% [intr{irq14: ata0}]
   66 root      -8    -     0K     8K mdwait  1   0:02  0.00% [md0]
   15 root     -40    -     0K   160K -       1   0:01  0.00% [usb{usbus4}]
   36 root      -8    -     0K    16K l2arc_  1   0:01  0.00% [zfskern{l2arc_feed_threa}]
   36 root      -8    -     0K    16K arc_re  1   0:01  0.00% [zfskern{arc_reclaim_thre}]
10033 root      56    0  3324K  1300K select  0   0:01  0.00% dhclient: bge0 [priv] (dhclient)
   23 root     -16    -     0K     8K sdflus  1   0:01  0.00% [softdepflush]
   22 root     -16    -     0K     8K vlruwt  1   0:01  0.00% [vnlru]
   20 root     -16    -     0K     8K psleep  1   0:01  0.00% [bufdaemon]
   15 root     -40    -     0K   160K -       1   0:01  0.00% [usb{usbus1}]
   15 root     -40    -     0K   160K -       1   0:01  0.00% [usb{usbus0}]
   15 root     -40    -     0K   160K -       1   0:01  0.00% [usb{usbus3}]
   15 root     -40    -     0K   160K -       1   0:01  0.00% [usb{usbus2}]
16084 _dhcp     44    0  3324K  1400K select  1   0:01  0.00% dhclient: bge0 (dhclient)
80937 root      44    0  3352K  1332K nanslp  1   0:00  0.00% /usr/sbin/cron -s
89780 root      61    0  3264K  1028K nanslp  1   0:00  0.00% minicron: helper /usr/local/bin/ping_hosts.sh  (minicron)
49939 nobody    44    0  5512K  2876K select  0   0:00  0.00% /usr/local/sbin/dnsmasq --all-servers --dns-forward-max=5000 
   16 root     -16    -     0K     8K psleep  1   0:00  0.00% [pagedaemon]
95253 root      44    0  3324K  1204K nanslp  1   0:00  0.00% /usr/libexec/getty Pc ttyv0

      I am not sure what I should do. Should I reinstall or is it fine?

      Thanks,
      Trevor

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Do you have device polling enabled in System: Advanced: Networking:? Disable it if you do.

        https://forum.pfsense.org/index.php?topic=30817.0

        Steve

        1 Reply Last reply Reply Quote 0
        • N
          nadir.latif
          last edited by

          Hello,

          We had a problem with high cpu as well. We were running snort and openvpn. The cpu went up every time the network traffic went up. for example if we tried to download a large file, the cpu would jump to 80%. We fixed it by enabling device polling. from System: Advanced: Networking. Enabling device polling is actually a good idea if your hardware is being used close to its capacity. see http://www.cyberciti.biz/faq/freebsd-device-polling-network-polling-tutorial/ and https://blog.pfsense.org/?p=115. Enabling polling disables cpu interrupts, which take a lot of cpu resources. After we enabled device polling the cpu went down to 40%. We also disabled ipv6 under System: Advanced: Networking. see https://forum.pfsense.org/index.php?topic=77493.msg422407#msg422407. If you are running pfsense in a virtualized environment you can get a performance boot by using virtio drivers. https://doc.pfsense.org/index.php/VirtIO_Driver_Support.

          Nadir Latif

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            You may like to read this thread:
            https://forum.pfsense.org/index.php?topic=83861.0;all
            The symptoms you dedcribe sound very similar.

            Steve

            1 Reply Last reply Reply Quote 0
            • N
              nadir.latif
              last edited by

              On high speed networks we can get a performance boost by moving the tcp/ip processing from the operating system to the network card hardware. This is called TCP Offloading. see http://en.wikipedia.org/wiki/TCP_offload_engine. FreeBSD has good support for TCP offloading. In Pfsense it can be enabled by unchecking the "Disable hardware checksum offload" option. In pfsense this option is unchecked by default.

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                The hardware offloading features available in the System: Advanced: Networking: section of the webgui do not include a complete TOE as referenced in that Wiki page. They only offload smaller functions: TSO, LRO and checksum.

                It looks like there is at least some support for TOE in FreeBSD but you would need to enable in manually in pfSense. Importantly I have no idea how it would interact with pf. As referenced in the wiki article once you've handed off the entire TCP stack to hardware much of the OS internal networking features are by-passed. It could be potentially completely redundant in pfSense.

                Steve

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.