What's new

Jitterentropy-Rngd high CPU use

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

michaels2408

Occasional Visitor
Recently updated my RT-AC88U to 386.2.4 . Since, I have seen very high CPU usage from the jitterentropy-rngd daemon, somtimes as high as 80% getting close to maxing out both cores. On a positive note this is not consistent. It waxes and wanes with usage increases when WAN throughput is higher. Is this normal?

1620289360616.png
 
You’re also running haveged which is probably trying to do the same thing. Maybe a conflict?
 
A yes missed that. Was installed when I added DNScrypt. Remove and working much better. Thank you for seeing that.
 
Hmm. I have this too but i cannot locate how to easily remove it.

This is a new install and it will have got in with amtm and i have installed:

DIversion
Skynet
scribe
unbound Manager
uiDivStats
uiScribe

Any suggestions on how to isolate and resolve the issue cleanly? Im new to asuswrt but familar with linux etc.
 
Haveged usually installs with DNScrypt which you do not have listed. If it is installed then the easiest way is to go to ssh into the router and navigate to /tmp/opt/etc/init.d . Look for S**haveged startup script, remove and reboot. If you want to save the script just move it to another directory.
 
Ok nice now i know where init.d is i feel better :)

i just made it non executable "chmod -x S02haveged"
 
I recommend you notify script developers that they should ensure they do not install haveged when another entropy generating daemon is present.
 
In dnscrypt installer, Haveged is optional to install. Can be uninstalled from dnscrypt installer menu also.
It is not the entware version of haveged that is used by dnscrypt installer, Think this version was compiled especially for asuswrt-merlin.
I have dnscrypt installer's haveged installed and have not noticed any issues so far, been keeping a eye on it since this tread came.
 
Last edited:
In dnscrypt installer, Haveged is optional to install. Can be uninstalled from dnscrypt installer menu also.
It is not the entware version of haveged that is used by dnscrypt installer, Think this version was compiled especially for asuswrt-merlin.
I have dnscrypt installer's haveged installed and have not noticed any issues so far, been keeping a eye on it since this tread came.
Just wonder if 2 entropy generators running, will it be better or just generating unnecessary cpu load?
 
Just wonder if 2 entropy generators running, will it be better or just generating unnecessary cpu load?
The use of more then one RNG will make the entropy in the pool more unpredictable.
I am no expert on the RNG`s but found this command to check the pool:
Code:
cat /proc/sys/kernel/random/entropy_avail
With dnscypt installer`s Haveged(and entware version), The pool can never get below 1024bit i think, maximum should be 4096bit
I still haven`t seen any cpu spikes here with using both. Ofc if it seems to be a issue, Haveged should be removed.
When available, other sources of randomness are used to stir the entropy pool and make it less predictable.
Code:
PID  PPID    USER    STAT VSZ   VSZ%    CPU  CPU% ↓  COMMAND
911     1    izzt    S    7548    0.8    0    0.0    /jffs/dnscrypt/haveged -w 1024 -d 32 -i 32 -v 1
1094    1    izzt    S    2004    0.2    0    0.0    /usr/sbin/jitterentropy-rngd -p /var/run/jitterentropy-rngd.pid
Some extra info:
 
Last edited:
I am no expert on the RNG`s but found this command to check the pool:
Code:
cat /proc/sys/kernel/random/entropy_avail
With dnscypt installer`s Haveged(and entware version), The pool can never get below 1024bit i think, maximum should be 4096bit
I still haven`t seen any cpu spikes here with using both. Ofc if it seems to be a issue, Haveged should be removed.

Code:
PID  PPID    USER    STAT VSZ   VSZ%    CPU  CPU% ↓  COMMAND
911     1    izzt    S    7548    0.8    0    0.0    /jffs/dnscrypt/haveged -w 1024 -d 32 -i 32 -v 1
1094    1    izzt    S    2004    0.2    0    0.0    /usr/sbin/jitterentropy-rngd -p /var/run/jitterentropy-rngd.pid
Some extra info:
Did a test with jitterentropy alone (no haveged installed), also 1024-1033.

If u have both installed and still 1024 mean no effect but waste memory and cpu resources?
 
Did a test with jitterentropy alone (no haveged installed), also 1024-1033.

If u have both installed and still 1024 mean no effect but waste memory and cpu resources?
Just updated my previous post to better answer your question.
The use of more then one RNG will make the entropy in the pool more unpredictable.
Maybe it is overkill in using more then one..
I am still using it to test if i get any conflicts or increased cpu use from it.
 
Last edited:
Unbound Manager installs it too.
Any idea whether removing it breaks Unbound Manager ?
Enjoying stability of 386.2_4 and lack the expertise to know the answer ... and sure don't want to break anything ;)!
 
Any idea whether removing it breaks Unbound Manager ?
Enjoying stability of 386.2_4 and lack the expertise to know the answer ... and sure don't want to break anything ;)!
I don’t know that there was ever a good reason to install it with Unbound, but there were a lot of conflicting ideas back in those days. :)
 
Just updated my previous post to better answer your question.

Maybe it is overkill in using more then one..
I am still using it to test if i get any conflicts or increased cpu use from it.
from what I can tell there seems to be no interaction between haveged and jitterentropy-rngd, specifically logs should be examined around the time these cpu spikes occur. I think the spikes may be related to something else.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top