[Swan] Pluto consumes all available memory

Will Roberts ironwill42 at gmail.com
Thu Apr 30 23:09:13 EEST 2015


Paul,

On 04/28/2015 09:51 PM, Paul Wouters wrote:
> We have some leak detective code you can enable.
>
> 1) add --leak-detective to the startup argument list of pluto
>    (in the service file)
>
> 2) Let it run until you've seen the process get bigger.
>
> 3) nicely shut down pluto
>    (systemctl stop ipsec.service or ipsec whack --shutdown)
>
> 4) Check the logs for "leak" messages
>
> Paul

Here's  what I had after about 36 hours.

Apr 30 20:03:48 albuquerque pluto[30192]: leak: 4 * struct event in 
event_schedule(), item size: 32
Apr 30 20:03:48 albuquerque pluto[30192]: leak: pluto crypto helpers, 
item size: 64
Apr 30 20:03:48 albuquerque pluto[30192]: leak detective found 5 leaks, 
total size 96

That doesn't seem like a whole lot to me, and making that 20 times worse 
(for 20x the length of time) doesn't seem much worse either. I'll deploy 
this to all of my servers and report back in a while.

--Will


More information about the Swan mailing list