What's new

Logging maxes out CPU under heavy network load


Occasional Visitor
RT-AC87U 384.9

Recently I enabled the firewall log (allow/deny), along with dnsmasq ( log-queries=extra ), which are all being sent externally via syslog. Also have Diversion + pixelserv-tls enabled.

Only during peak internet usage (aka bittorrent on a workstation) does the CPU go to 100% from the excessive logging. This dramatically affects the download speeds and nearly brings the Internet to a stop for the house for all users.

No QoS enabled.
UPnP disabled.
WiFi radios disabled (have external AP - Ubiquity)
NAT : Enabled (CTF only)
Diversion has 1 GB swap.
All workstations connected via 1 GB Ethernet.

Installed dstat (yay entware) to better track the performance issues during an incident. Attached are two pics. first is steady state and then firing up BT. second pic is turning off BT and then router taking while to slowly get back to normal.

Is there anything which can be done to increase the logging performance? Or am I needing to get a new (and now more SOHO / USG) dedicated router?



Part of the Furniture
Unless you can use a lighter or more efficient logging package, it seems you need more CPU power.

The least expensive router with the most CPU power (1.8GHz dual-core) today is the RT-AC86U.

The AX routers may also be useful in your circumstances if the extra RAM they offer will help with the Gbps ISP and logging requirements (the top model has 1GB RAM and a quad-core 1.8GHz CPU).

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!