Configdaemon litteraly eating the CPU for breakfast.

Started by Noci, Today at 01:48:12 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 01:48:12 PM
The firewall is sluggish at best, any GUI access takes (change of screen) takes several minutes
The dashboard is severly limited in view, most items stay black, only disk usage has some display and sometimes the firewall pie chart.  CPU load starts being in view, but disappears after a minute of so.


When logging in the configd has several (up to #of cores in CPU) subtasks that all take 100% of CPU and live for a few seconds each. (Long enough to seem present in top, short enough to be vanished between ps ax ... filter .. attempt lsof on the pid....

This is continuos.
---8<---
last pid: 58804;  load averages:  5.89,  2.00,  0.82                                                                                           up 11+14:37:26  13:42:41
84 processes:  9 running, 75 sleeping
CPU: 66.0% user,  0.0% nice,  0.8% system,  0.0% interrupt, 33.2% idle
Mem: 761M Active, 1603M Inact, 27M Laundry, 6276M Wired, 104K Buf, 6882M Free
ARC: 4882M Total, 1499M MFU, 3097M MRU, 1368K Anon, 45M Header, 238M Other
     4221M Compressed, 13G Uncompressed, 3.11:1 Ratio
Swap: 8192M Total, 63M Used, 8129M Free

  PID USERNAME    THR PRI NICE   SIZE    RES STATE    C   TIME    WCPU COMMAND
55491 root          1 103    0   118M    76M CPU3     3   0:04 100.20% php
54982 root          1 105    0   120M    78M CPU7     7   0:05 100.20% php
54472 root          1 107    0   110M    75M CPU9     9   0:06 100.16% php
57810 root          1  96    0   104M    70M CPU11   11   0:02 100.07% php
55873 root          1 100    0   106M    72M CPU0     0   0:03 100.04% php
52735 root          1 109    0   112M    78M CPU10   10   0:06  99.71% php
22825 root          1  21    0   270M   102M select   3   0:13   5.67% php-cgi
31611 root         12  68    0   123M    37M accept   3  28:19   0.56% python3.13
39975 root          1  20    0   322M   148M CPU5     5   0:08   0.53% php-cgi
23917 root         23  20    0  1596M   253M uwait    3   8:52   0.20% crowdsec
---8<---


---8<--
31135  -  Is        0:01.15 |-- /usr/local/bin/python3 /usr/local/opnsense/service/configd.py (python3.13)
31611  -  S        28:19.92 | `-- /usr/local/bin/python3 /usr/local/opnsense/service/configd.py console (python3.13)
  251  -  S         0:09.75 |   |-- /usr/local/bin/php /usr/local/sbin/pluginctl -S
12288  -  S         0:10.44 |   |-- /usr/local/bin/php /usr/local/sbin/pluginctl -S
28963  -  R         0:08.95 |   |-- /usr/local/bin/php /usr/local/opnsense/scripts/routes/gateway_status.php
31240  -  R         0:08.16 |   |-- /usr/local/bin/php /usr/local/sbin/pluginctl -S
31483  -  R         0:06.70 |   |-- /usr/local/bin/php /usr/local/opnsense/scripts/ipsec/get_legacy_vti.php
31737  -  R         0:06.69 |   |-- /usr/local/bin/php /usr/local/opnsense/scripts/routes/gateway_status.php
31832  -  R         0:05.06 |   |-- /usr/local/bin/php /usr/local/opnsense/scripts/ipsec/get_legacy_vti.php
32199  -  R         0:04.56 |   |-- /usr/local/bin/php /usr/local/sbin/pluginctl -D
41813  -  R         0:03.57 |   |-- /usr/local/bin/php /usr/local/sbin/pluginctl -D
42362  -  R         0:02.12 |   `-- /usr/local/bin/php /usr/local/opnsense/scripts/routes/gateway_status.php
32146  -  Ss       16:08.03 |-- /usr/local/sbin/collectd
---8<---

Any idea what causes this?  might be since upgrade to 26.1.5...
Currently running OpnSense 26.1.8_5
Today at 02:02:37 PM #1
Do you maybe have a very large config.xml file?

Check size in /conf/config.xml
Hardware:
DEC740
Today at 02:10:08 PM #2
---8<---
# ls -l  /conf/config.xml
-rw-r-----  1 wwwonly wheel 4247118 May 28 13:59 /conf/config.xml
---8<---

Not sure what is considered to be large...
94 Alias Firewall entries (grep "alias uuid"...)
Firewall new rules, 21796 (grep "rule uuid" lines).

It may be connected to attempting to allow IDP/IPS to actualy start doing something. Not exactly sure though.

Today at 02:24:54 PM #3
That's 4 Megabytes, not too large.

I would have expected large starting at 30-40 Megabytes or more, can happen when certain plugins are used.

Are you using the frr plugin or any other plugins maybe?

Also what kind of CPU are we talking about?
Hardware:
DEC740
Today at 02:29:55 PM #4 Last Edit: Today at 02:53:26 PM by Noci
i have not enabled frr rules...,

I removed all entries with <enabled>0</enabled> in them , most were in then  <IDS....><rules>...</rules>...</IDS..>  section.

Filesize is now: 599186 bytes (17K lines).

with 172 "rules uuid" left.

This did work out. the system does behave like before now.

(I could hardly find anything on configd using the regular search methods though, at least i known where to look).

System info:
FreeBSD 14.3-RELEASE-p12 stable/26.1-n272089-81f87c4d694c SMP amd64
OPNsense 26.1.8_5 d67741d16
Plugins os-cache-1.0_1 os-chrony-1.5_3 os-collectd-1.4_1 os-cpu-microcode-intel-1.1 os-crowdsec-1.0.12 os-dnscrypt-proxy-1.16_2 os-etpro-telemetry-1.8_1 os-freeradius-1.10.1 os-frr-1.52 os-git-backup-1.1_3 os-igmp-proxy-1.5_6 os-intrusion-detection-content-et-open-1.0.2_2 os-intrusion-detection-content-ptopen-1.0 os-iperf-1.0_2 os-isc-dhcp-1.0_4 os-lldpd-1.2 os-maltrail-1.10_1 os-mdns-repeater-1.2 os-nextcloud-backup-1.2 os-ntopng-1.3 os-nut-1.9_1 os-openconnect-1.4.6 os-redis-1.1_4 os-smart-2.4 os-stunnel-1.0.6_1 os-theme-cicada-1.41_1 os-theme-rebellion-1.9.4 os-udpbroadcastrelay-1.0_6 os-upnp-1.9 os-vnstat-1.3_1 os-wol-2.5_4 os-zabbix7-agent-1.19
Time Thu, 28 May 2026 14:37:06 +0200
OpenSSL 3.0.20
Python 3.13.13
PHP 8.3.30

CPU info:
12th Gen Intel(R) Core(TM) i7-1265U (10 cores, 12 threads)

Memory:
16GB

(Should be sufficient.)
Print
Go Up Pages1
User actions