Hello list, I am looking for suggestions how to identify the source(s) of what appears to be a memory leak of approx. 10 MByte/day on a clustered pair of filtering bridges. These bridges are running i386 -current snapshot from Nov 2nd. They form outer, Internet-facing stage of a two stage firewall in an enterprise setup.
Before we received two new i386 servers, the same setup was running on two sparc64 servers with a snapshot about one month old. Back then, I observed the same steady decrease of memory, graphing trends using net-snmp and Cacti. Those old sparc64 servers only had 192 MByte of RAM, they ran out of memory and stopped working after 10 days or so. As I had some difficulties to get net-snmp to run at all on sparc64 (see patch posted to this list earlier), I was hoping to get away from this apparent memory leak once I migrate to to newer i386 servers. After the migration from sparc64 to i386, indeed the memory consumed during the first few days remained constant. Thereafter however, the steady decrease of free memory also started to appear on the i386 much like with the sparc64. I disabled all SNMP GET operations for a few hours, just to see if the leak might be caused by net-snmp, but the leakage continues during this time too. Staring at the output of 'systat vmstat' etc. did not help either. The pragmatic work-around for the moment is cron job that reboots each of the cluster nodes once a week. There is is enough headroom with 1 GByte of RAM on these i386 servers. The two cluster nodes reboot at different times, so the service is interrupted only for a few seconds until rapid spanning tree completes fail-over. At the moment, on a much smaller scale, I replicate such a two stage clustered firewall setup for home use. based on OpenBSD flashboot, WRAP / ALIX boards from PCengines and surplus Nokia IP120s which I converted to OpenBSD. Also because the WRAPs have only 128 MByte of RAM, I very much like to get to the root cause of that apparent memory leak in my clustered filtering bridge configuration. I am grateful for any hints and suggestions how to track it down. Thanks, Rolf
