Memleak with 0.0.20171221-5 on Debian stretch
baptiste at bitsofnetworks.org
Mon Feb 12 08:42:55 CET 2018
On 12-02-18, Baptiste Jonglez wrote:
> Hi Jason,
> On 12-02-18, Jason A. Donenfeld wrote:
> > Secondly, I'm wondering if you tend to do, "anything strange". For
> > example -- are you setting up and taking down the device often in an
> > automated way? Or reconfiguring the interface (via wg(8), for example)
> > often in an automated way? Or is the sustained day-in-day-out workload
> > that leads to this graph simply forwarding and encrypting/decrypting
> > packets as usual? If it's the latter, does this device tend to encrypt
> > or decrypt more, or both equally?
> It's the latter "day-in-day-out" option: the system has a single wireguard
> interface, which is configured once at boot-time, and then used
> extensively to forward traffic. It tends to encrypt more than it
Actually, now that I talk about it, it's not 100% true: on this system,
there is a second wireguard interface that is not currently used (it's
provisionned to connect a future router that is not yet deployed).
The interesting part: this interface has a single peer which has no
endpoint but a persistent keepalive. It looks like this:
public key: XXXXXXXXXXXXXXXXXX
private key: (hidden)
listening port: 56008
allowed ips: 0.0.0.0/0, ::/0
persistent keepalive: every 25 seconds
Maybe wireguard allocates something to send the persistent keepalive, then
bails out because we don't know the endpoint of the peer?
I have taken this second interface down, but it has not released any
memory. I am now leaving it up without the persistent keepalive, just in
case something interesting happens.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the WireGuard