[strongSwan-dev] [PATCH] Fix unnecessary dumping of entire routing table.
oliver.d at prodege.com
Tue Sep 29 02:37:28 CEST 2015
After deploying strongswan on a box with full IPv4 BGP tables, I found that
charon has basically locked up completely and one of the threads was maxxing
out a CPU core.
Upon attaching to the errant thread I discovered it was happening within the
get_route() code for libhydra's netlink plugin. I then noticed that the code
for triggering a full dump of the routing table looked very wrong and was
certainly incongruous with the comment directly below it.
I also note commit 6bd1216e7a8a41eb6c103c27a05f50871e1aef99 which appears to
have wanted to fix the issue without actually fixing it.
Following this message is a patch that, for me at least, fixed the issue. It's
based off of 5.3.3 but it should apply to master just fine since it hasn't been
modified since then.
kernel_netlink_net: Fix erroneous dumping of whole routing table.
src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
More information about the Dev