High CPU usage when IPv6 is blocked at firewall #52
Description
Hi team,
I've blocked IPv6 at my firewall, and my headless connector (using a service account) on my Linux server (Alma 9) uses 100% CPU on a single core (non-stop!)
The fix was to disable IPv6 at a kernel level:
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
Using "strace", I observed the client in a busy polling loop. This consumes 100% of one CPU core:
25ms timeout, no events:
epoll_wait(7, [], 32, 25) = 0
Check time:
gettimeofday(...)
Repeat ~40 times/second
epoll_wait(7, [], 32, 25) = 0
Steps to reproduce the issue:by:
- Deploy the Twingate client on a Linux host with IPv6 enabled (ideally Alma, since this is NOT an issue on my other Rocky Linux system)!
- Blocking IPv6 at the perimeter (firewall)
- Attempting to connect to a remote network
The client will spin at 100% CPU until IPv6 is disabled on the host.