Mr. Demeanour wrote: > Mr. Demeanour wrote: >> Hi, >> >> I'm running a central rsyslog server with a couple of remote WAN >> (internet) clients and several remote LAN clients. Traffic is low - >> of the order of 10,000 messages per day. Internet clients >> communicate with the server using gnutls. LAN clients are currently >> using UDP. The server writes client logs to mysql, and also writes >> messages of local origin to disk. > > Further to this: > > I have been running 4.5.6 for about a week now, *without* gnutls > enabled. No leaks. > > This evening I re-enabled gnutls, and almost immediately noted > excessive memory usage, *and* 99% cpu. > > It seems that the high CPU usage occurs with hosts outside my local > network; it may be that there is some misconfiguration of NAT that is > behind that problem.
Not NAT. It seems that I had set up the server certificate with an incorrect CN. I guess the client was trying repeatedly to make a connection that was doomed to fail every time. That would explain the CPU spike. If there is also a memory leak in the gnutls server code concerning connection setup, that would explain the memory consumption also. Perhaps rsyslog should give up trying to connect to a remote server, or at least back off, if the error it encounters is of a kind that most likely requires human intervention? Such would generally be the case if a certificate is invalid. -- Jack. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
