Page MenuHomeVyOS Platform

accel-ppp eats al memory with small sstp config
Open, HighPublicBUG

Description

hi,

I tried this config:

vyos@vyos:~$ show configuration commands
set interfaces ethernet eth0 address 'dhcp'
set interfaces ethernet eth0 address 'dhcpv6'
set interfaces ethernet eth0 hw-id '08:00:27:bc:40:19'
set interfaces ethernet eth0 ipv6 address autoconf
set interfaces ethernet eth1 hw-id '08:00:27:0b:d1:40'
set interfaces ethernet eth2 hw-id '08:00:27:40:63:64'
set interfaces ethernet eth3 hw-id '08:00:27:6e:10:21'
set interfaces loopback lo
set service ssh
set system config-management commit-revisions '100'
set system console device ttyS0 speed '115200'
set system host-name 'vyos'
set system login user vyos authentication encrypted-password '$6$FxKIHB4Vqj2U5u/4$xAsKwr8j1HX1fot66n1r1GuAEkyhf853tXiNPBMxns/zxGRunU//W932.KtdaxADn6NJwMLl6UIgPYVXNyx7d/'
set system login user vyos authentication plaintext-password ''
set system ntp server 0.pool.ntp.org
set system ntp server 1.pool.ntp.org
set system ntp server 2.pool.ntp.org
set system syslog global facility all level 'info'
set system syslog global facility protocols level 'debug'
set vpn sstp authentication local-users username foo password 'bar'
set vpn sstp authentication mode 'local'
set vpn sstp network-settings client-ip-settings gateway-address '192.0.2.254'
set vpn sstp network-settings client-ip-settings subnet '192.0.2.0/25'
set vpn sstp network-settings client-ipv6-pool prefix 2001:db8::/64 mask '128'
set vpn sstp network-settings name-server '10.0.0.1'
set vpn sstp network-settings name-server '10.0.0.2'
set vpn sstp ssl ca-cert-file '/config/user-data/sstp/ca.crt'
set vpn sstp ssl cert-file '/config/user-data/sstp/server.crt'
set vpn sstp ssl key-file '/config/user-data/sstp/server.key'
vyos@vyos:~$

After commit:

Jun 08 11:54:14 vyos kernel: Out of memory: Kill process 5693 (accel-pppd) score 900 or sacrifice child
Jun 08 11:54:14 vyos kernel: Killed process 5693 (accel-pppd) total-vm:1907184kB, anon-rss:1833484kB, file-rss:1656kB, shmem-rss:0kB
Jun 08 11:54:14 vyos kernel: oom_reaper: reaped process 5693 (accel-pppd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB
Jun 08 11:54:14 vyos systemd[1]: accel-ppp@sstp.service: Main process exited, code=killed, status=9/KILL
Jun 08 11:54:14 vyos systemd[1]: accel-ppp@sstp.service: Failed with result 'signal'.
Jun 08 11:54:15 vyos systemd[1]: accel-ppp@sstp.service: Service RestartSec=100ms expired, scheduling restart.
Jun 08 11:54:15 vyos systemd[1]: accel-ppp@sstp.service: Scheduled restart job, restart counter is at 30.
Jun 08 11:54:15 vyos systemd[1]: Stopped Accel-PPP - High performance VPN server application for Linux.
Jun 08 11:54:15 vyos systemd[1]: Starting Accel-PPP - High performance VPN server application for Linux...
Jun 08 11:54:15 vyos systemd[1]: accel-ppp@sstp.service: Can't open PID file /run/accel-pppd/sstp.pid (yet?) after start: No such file or directory
Jun 08 11:54:15 vyos systemd[1]: Started Accel-PPP - High performance VPN server application for Linux.

every second. Box has 2GB RAM.

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.3-rolling-202006070117
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

rherold created this task.Jun 8 2020, 12:02 PM
rherold created this object in space S1 VyOS Public.
syncer assigned this task to Dmitry.Jun 8 2020, 12:05 PM
syncer triaged this task as High priority.
pasik added a subscriber: pasik.Jun 8 2020, 1:47 PM
syncer changed the subtype of this task from "Task" to "Bug".

In this case, SSTP daemon trying to allocate RAM for ipv6 pool and router does not have enough RAM. Dynamic memory allocation is not implemented for ip-pools.
Maybe, in this case, we need to calculate before commit, and show commit fail message with reason?
Calculating:
2^64 bit = 18446744073709551616 bit or 2305843009213693952 byte
2305843009213693952 * 64 (structure size byte) = 147573952589676412928 byte or 137438953472 GB
Correct me if my calculation wrong.