[FROG] RPKI process efficiency
Celsa Sanchez
ccssantana25 at gmail.com
Fri May 16 14:54:36 UTC 2025
Hi,
I'm also experiencing high CPU usage after enabling RPKI validation in FRR.
I'm running version 9.0.1 on Ubuntu 20.04.6 LTS.
Additionally, I'm having trouble stopping the RPKI validation using
`vtysh`.
Is there any known issue with this version, or recommended steps to
properly reset or disable RPKI?
Any suggestions would be appreciated.
Best regards,
Celsa Sánchez
El lun, 25 nov 2024 a las 5:43, Darshan Kowlaser via frog (<
frog at lists.frrouting.org>) escribió:
>
>
>
> ---------- Forwarded message ----------
> From: Darshan Kowlaser <darshan at darshankowlaser.com>
> To: frog at lists.frrouting.org
> Cc:
> Bcc:
> Date: Mon, 25 Nov 2024 10:22:11 +0200
> Subject: RPKI process efficiency
> Hello
>
> I'm experiencing high CPU usage on my RPKI process which is very odd. To
> elaborate, I have two vyos boxes that have similar configuration for the
> edge just handling BGP and OSPF to the core. On one of the routers I have
> excessively high CPU usage and when checking the processes RPKI sits very
> high compared to the other router.
>
> FRR Version:
> `*FRRouting 9.1.1 (za-ct-ter-dc-rt-edge-01) on Linux(6.6.43-amd64-vyos).*
>
>
> *Copyright 1996-2005 Kunihiro Ishiguro, et al.configured with:
> '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include'
> '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info'
> '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking'
> '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu'
> '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode'
> '--localstatedir=/var/run/frr' '--sbindir=/usr/lib/frr'
> '--sysconfdir=/etc/frr' '--with-vtysh-pager=/usr/bin/pager'
> '--libdir=/usr/lib/x86_64-linux-gnu/frr'
> '--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules'
> '--disable-dependency-tracking' '--enable-rpki' '--enable-scripting'
> '--enable-pim6d' '--with-libpam' '--enable-doc' '--enable-doc-html'
> '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq'
> '--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256'
> '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty'
> '--enable-configfile-mask=0640' '--enable-logfile-mask=0640'
> 'build_alias=x86_64-linux-gnu' 'PYTHON=python3'*
> `
>
> Here is my RPKI configuration on the router experiencing high process CPU
> usage :
>
> In Vtysh:
> `*rpki*
>
> * rpki cache cpt-rpki-validator-01.example.xyz
> <http://cpt-rpki-validator-01.example.xyz> 3323 preference 1 rpki cache
> cpt-rpki-validator-02.example.xyz
> <http://cpt-rpki-validator-02.example.xyz> 8282 preference 2*
> `
>
> In VyOS:
> `*set protocols rpki cache cpt-rpki-validator-01.example.xyz
> <http://cpt-rpki-validator-01.example.xyz> port '3323'*
>
>
>
> * set protocols rpki cache cpt-rpki-validator-01.example.xyz
> <http://cpt-rpki-validator-01.example.xyz> preference '1' set protocols
> rpki cache cpt-rpki-validator-02.example.xyz
> <http://cpt-rpki-validator-02.example.xyz> port '8282' set protocols rpki
> cache cpt-rpki-validator-02.example.xyz
> <http://cpt-rpki-validator-02.example.xyz> preference '2'*
> * set protocols rpki polling-period '3600*
> `
>
> The only thing different on the other box is that the server preference is
> inverted. RPKI servers are running routinator and stayRTR, the router with
> the issue preferences routinator. See below showing that it is the most
> intensive process on the CPU :
>
> [image: image.png]
>
> Would be greatly appreciated if anyone could advise.
>
>
>
> ---------- Forwarded message ----------
> From: Darshan Kowlaser via frog <frog at lists.frrouting.org>
> To: frog at lists.frrouting.org
> Cc:
> Bcc:
> Date: Mon, 25 Nov 2024 10:22:11 +0200
> Subject: [FROG] RPKI process efficiency
> _______________________________________________
> frog mailing list
> frog at lists.frrouting.org
> https://lists.frrouting.org/listinfo/frog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20250516/143b44d0/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 32278 bytes
Desc: not available
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20250516/143b44d0/attachment-0001.png>
More information about the frog
mailing list