RPKI, this is getting a bit frustrating
Chris Knipe
savage at savage.za.org
Thu Sep 28 15:24:21 UTC 2023
Hi All,
Been battling with this one now for a while, through a few different versions, and I am pulling my hair out here.... Is there any memory leaks in RPKI???
My RPKI config:
rpki
rpki cache 172.65.0.2 8282 preference 1
rpki cache 172.65.0.2 8283 preference 2
exit
Nothing more, nothing less. RPKI is (not yet) used in any route-maps, policies, etc.
RPKI works absolutely fine. However, when I start bgpd, it has a resident memory size of ~3.6G (fine, considering it's loading multiple full tables for IPv4 & ipv6). When RPKI isn't configured, the router is stable, and memory usage is consistent and constant at ~3.6GB.
However, as soon as RPKI is enabled, bgpd grows about 600MB in resident memory per day. Eventually, the system runs out of memory and bgpd is restarted (which, is obviously bad).
root at MY-LOC-RS01A:~# ps auxxw|grep bgpd
root 802 0.0 0.0 8784 2844 ? S<s Sep26 1:02 /usr/lib/frr/watchfrr -d -F traditional zebra mgmtd bgpd ospfd ospf6d staticd
frr 850 16.8 54.7 4656684 4429752 ? S<sl Sep26 547:23 /usr/lib/frr/bgpd -d -F traditional -A 127.0.0.1 -M rpki -e 10
root 12813 0.0 0.0 6608 2312 pts/2 S+ 17:21 0:00 grep --color=auto bgpd
We're already at 4.6GB up from 3.6GB when BGP has initially started (2d uptime for the longest BGP peer - see below).
FRR version, and IPv4 BGP Peers (with prefixes):
ZA-CTN-RS01A# sh ver
FRRouting 9.0.1 (MY-LOC-RS01A) on Linux(5.15.0-84-generic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
configured with:
'--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--localstatedir=/var/run/frr' '--sbindir=/usr/lib/frr' '--sysconfdir=/etc/frr' '--with-vtysh-pager=/usr/bin/pager' '--libdir=/usr/lib/x86_64-linux-gnu/frr' '--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules' '--disable-dependency-tracking' '--enable-rpki' '--disable-scripting' '--enable-pim6d' '--with-libpam' '--enable-doc' '--enable-doc-html' '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq' '--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256' '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty' '--enable-configfile-mask=0640' '--enable-logfile-mask=0640' 'build_alias=x86_64-linux-gnu' 'PYTHON=python3'
IPv4 Unicast Summary (VRF default):
BGP router identifier aaa.bbb.112.164, local AS number xxxxxx vrf-id 0
BGP table version 8318219
RIB entries 1693671, using 310 MiB of memory
Peers 12, using 245 KiB of memory
Dampening enabled.
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
aaa.bbb.112.165 4 xxxxxx 723094 1164605 8318219 0 0 2d05h58m 4 1665344 MY-LOC-RS01B
aaa.bbb.112.240 4 xxxxxx 265406 743205 8318219 0 0 2d05h58m 835450 922653 MY-LOC-TR01A
aaa.bbb.112.241 4 xxxxxx 156145 763504 8318219 0 0 2d05h58m 603608 922653 MY-LOC-TR01B
aaa.bbb.112.242 4 xxxxxx 26776 761874 8318219 0 0 2d05h58m 113141 922653 MY-LOC-PR01A
aaa.bbb.112.243 4 xxxxxx 37609 761874 8318219 0 0 2d05h58m 113141 922653 MY-LOC-PR01B
aaa.bbb.112.244 4 xxxxxx 3241 745167 8318219 0 0 2d05h58m 0 922653 MY-LOC-CR01A
aaa.bbb.112.245 4 xxxxxx 3241 743205 8318219 0 0 2d05h58m 0 922653 MY-LOC-CR01B
aaa.bbb.112.248 4 xxxxxx 384 436702 8318219 0 0 06:16:02 0 922653 MY-LOC-IKE01A
aaa.bbb.112.249 4 xxxxxx 381 306758 8318219 0 0 06:18:32 0 922653 MY-LOC-IKE01B
aaa.bbb.113.151 4 xxxxxx 0 0 0 0 0 never Active 0 MY-LOC-RS01A
aaa.bbb.113.152 4 xxxxxx 0 0 0 0 0 never Active 0 MY-LOC-RS01B
Total number of neighbors 11
Thanks,
Chris.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20230928/4b329bbf/attachment.htm>
More information about the frog
mailing list