From owner-freebsd-hackers@FreeBSD.ORG  Mon Mar 27 18:59:19 2006
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: hackers@freebsd.org
Delivered-To: freebsd-hackers@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C30A216A400
	for <hackers@freebsd.org>; Mon, 27 Mar 2006 18:59:19 +0000 (UTC)
	(envelope-from maxim@macomnet.ru)
Received: from mp2.macomnet.net (mp2.macomnet.net [195.128.64.6])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2328F43D60
	for <hackers@freebsd.org>; Mon, 27 Mar 2006 18:59:18 +0000 (GMT)
	(envelope-from maxim@macomnet.ru)
Received: from localhost (localhost [127.0.0.1])
	by mp2.macomnet.net (8.13.4/8.13.3) with ESMTP id k2RIxGJV089932;
	Mon, 27 Mar 2006 22:59:16 +0400 (MSD)
	(envelope-from maxim@macomnet.ru)
Date: Mon, 27 Mar 2006 22:59:16 +0400 (MSD)
From: Maxim Konovalov <maxim@macomnet.ru>
To: "Michael W. Lucas" <mwlucas@blackhelicopters.org>
In-Reply-To: <20060327184643.GA58674@bewilderbeast.blackhelicopters.org>
Message-ID: <20060327224826.U89207@mp2.macomnet.net>
References: <20060327160130.GA57689@bewilderbeast.blackhelicopters.org>
	<20F3E06D-5727-4531-A81B-DF64765D1564@SARENET.ES>
	<20060327173841.GA58274@bewilderbeast.blackhelicopters.org>
	<20060327214209.U87890@mp2.macomnet.net>
	<20060327181501.GA58448@bewilderbeast.blackhelicopters.org>
	<20060327222836.J89207@mp2.macomnet.net>
	<20060327184643.GA58674@bewilderbeast.blackhelicopters.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Cc: hackers@freebsd.org
Subject: Re: syslogd not draining
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Mar 2006 18:59:19 -0000

[...]
> > ~100 datagrams per second, not a lot.  Perhaps they are huge.
>
> Not that I've noticed.  It's syslogd, DHCP, DNS, and flow-capture
> from a variety of devices, all generally small packets.

I know nothing about your netflow setup but it can generate a
huge amount of udp traffic.  Check 'pkts' and 'lost' fields in
/var/log/flow-capture.

> > > > How much cpu time does syslogd use?
> > >
> > > Not much.  ps -ax | grep syslog gives:
> > >
> > >  4317 ??  Ss 0:01.60 /usr/sbin/syslogd -l /var/run/log -l
> > >  /var/named/var/run/log
> >
> > Try to remove a log socket for named and restart syslogd.
>
> Removed the named socket and restarted.  We'll see what happens.
[...]

Can you check there is nothing from syslogd on the serial console?

-- 
Maxim Konovalov