Options * http/1.0, apache 2.4, freebsd

Invader Zim

Invader Zim

Verified User
Joined
Sep 4, 2004
Messages
177
Normally this is what I see on any given server in top (only displaying active processes):

Code: 
last pid: 86235;  load averages:  0.39,  0.43,  0.46                                up 169+06:02:53 19:30:06
268 processes: 1 running, 267 sleeping
CPU: 16.7% user,  0.0% nice,  7.0% system,  0.0% interrupt, 76.3% idle
Mem: 5719M Active, 7086M Inact, 1631M Wired, 326M Cache, 1619M Buf, 821M Free
Swap: 4096M Total, 14M Used, 4082M Free

  PID USERNAME    THR PRI NICE   SIZE    RES STATE   C   TIME   WCPU COMMAND
49836 mysql        21  49    0   779M   698M sbwait  0   0:06  8.35% [mysqld]
40309 root          1  44    0 11384K  4088K CPU2    2  14:23  0.29% top
86231 user03        1  76    0 97984K 46340K vnread  2   0:00  0.00% /usr/local/php5/bin/php-cgi /home/user0

Server is working fine, I can see 1 PHP process running.

Now, one of the servers is displaying this:
Code: 
last pid: 43762;  load averages:  1.21,  1.65,  1.82                                up 98+22:31:33  19:32:14
310 processes: 3 running, 305 sleeping, 2 zombie
CPU: 27.4% user,  0.0% nice,  4.7% system,  0.2% interrupt, 67.7% idle
Mem: 1369M Active, 1401M Inact, 574M Wired, 186M Cache, 410M Buf, 333M Free
Swap: 4096M Total, 430M Used, 3666M Free, 10% Inuse, 4K In

  PID USERNAME     THR PRI NICE   SIZE    RES STATE   C   TIME   WCPU COMMAND
43520 apache         1  52    0 52572K 36792K lockf   0   0:05 10.16% /usr/sbin/httpd -k start -DSSL
43651 apache         1  48    0 52572K 36804K lockf   1   0:03  6.15% /usr/sbin/httpd -k start -DSSL
43735 apache         1  51    0 50524K 34736K lockf   0   0:01  3.37% /usr/sbin/httpd -k start -DSSL
43289 apache         1  48    0 52572K 36796K lockf   0   0:05  2.78% /usr/sbin/httpd -k start -DSSL
43645 apache         1  46    0 50524K 35020K kqread  0   0:01  2.69% /usr/sbin/httpd -k start -DSSL
29809 mysql         17  44    0   364M   231M sbwait  0   0:00  0.10% [mysqld]
43761 user01         1  98    0   102M 46104K RUN     1   0:01  0.00% /usr/local/php5/bin/php-cgi /home/user
43762 user06         1  49    0 71444K 15332K nanslp  0   0:00  0.00% /usr/local/php5/bin/php-cgi /home/user

Notice the active "/usr/sbin/httpd -k start -DSSL" processes. Normally they only show up when apache is (re)starting but then go away. However, here they are constantly present.

Checking the /var/log/http/access_log I can see 11246 lines of
Code: 
::1 - - [12/Jan/2014:19:34:12 +0100] "OPTIONS * HTTP/1.0" 200 112
since midnight.

Server status shows
Code: 
Srv	PID	Acc	M	CPU 	SS	Req	Conn	Child	Slot	Client	VHost	Request
0-0	44156	0/16/451	W 	2.05	0	0	0.0	0.16	8.04 	178.84.178.4	localhost:443	GET /server-status HTTP/1.1
1-0	44211	0/24/459	_ 	5.34	0	3	0.0	0.23	9.05 	1.2.3.4	www.fakewebsite.com:	GET / HTTP/1.1
2-0	44311	1/6/411	C 	1.48	1	397	54.8	0.07	4.75 	1.2.3.4	localhost:80	NULL
3-0	44214	0/6/406	W 	0.39	16	0	0.0	0.04	10.96 	1.2.3.4	www.fakewebsite.com:80	POST /shoutbox/asb_ajax.php HTTP/1.1
4-0	44114	0/15/376	R 	5.32	3	812	0.0	0.11	11.92 	1.2.3.4		
5-0	44313	0/0/432	W 	1.23	22	0	0.0	0.00	6.84 	1.2.3.4	www.fakewebsite.com:80	POST /shoutbox/asb_ajax.php HTTP/1.1
6-0	44082	0/25/377	_ 	4.38	1	727	0.0	0.22	5.94 	1.2.3.4	localhost:80	NULL
7-0	44159	0/17/355	R 	1.99	2	2734	0.0	0.24	3.40 	1.2.3.4		
8-0	44314	1/7/446	C 	0.23	1	0	26.9	0.07	7.32 	1.2.3.4	localhost:80	NULL
9-0	44331	0/4/368	_ 	0.54	2	34	0.0	0.03	12.75 	1.2.3.4	localhost:80	NULL
10-0	44385	1/1/395	C 	0.00	0	104	3.2	0.00	4.55 	1.2.3.4	localhost:80	NULL
11-0	44088	0/13/322	_ 	2.80	0	90	0.0	0.23	3.21 	1.2.3.4	localhost:80	NULL
12-0	-	0/0/347	. 	1.80	39	0	0.0	0.00	4.25 	::1	my.server.com:80	OPTIONS * HTTP/1.0
13-0	-	0/0/409	. 	10.47	43	0	0.0	0.00	5.29 	::1	my.server.com:80	OPTIONS * HTTP/1.0
14-0	44248	0/6/357	_ 	0.29	1	558	0.0	0.02	11.18 	1.2.3.4	localhost:80	NULL
15-0	-	0/0/233	. 	0.00	64	0	0.0	0.00	5.26 	::1	my.server.com:80	OPTIONS * HTTP/1.0
16-0	-	0/0/282	. 	0.00	65	0	0.0	0.00	3.80 	::1	my.server.com:80	OPTIONS * HTTP/1.0
17-0	-	0/0/337	. 	3.45	28	0	0.0	0.00	8.46 	::1	my.server.com:80	OPTIONS * HTTP/1.0
18-0	43849	0/61/304	R 	10.66	3	827	0.0	0.72	3.15 	1.2.3.4		
19-0	-	0/0/209	. 	0.00	61	0	0.0	0.00	2.15 	::1	my.server.com:80	OPTIONS * HTTP/1.0
20-0	-	0/0/261	. 	0.00	71	0	0.0	0.00	2.89 	::1	my.server.com:80	OPTIONS * HTTP/1.0
21-0	-	0/0/184	. 	3.16	10	0	0.0	0.00	6.44 	::1	my.server.com:80	OPTIONS * HTTP/1.0
22-0	-	0/0/146	. 	0.00	70	0	0.0	0.00	1.31 	::1	my.server.com:80	OPTIONS * HTTP/1.0
23-0	-	0/0/114	. 	5.33	68	0	0.0	0.00	5.45 	::1	my.server.com:80	OPTIONS * HTTP/1.0
24-0	-	0/0/203	. 	3.27	40	0	0.0	0.00	1.74 	::1	my.server.com:80	OPTIONS * HTTP/1.0
25-0	-	0/0/123	. 	2.10	20	0	0.0	0.00	0.85 	::1	my.server.com:80	OPTIONS * HTTP/1.0
26-0	44194	0/6/91	W 	1.88	4	0	0.0	0.02	1.14 	81.167.76.142	www.fakewebsite.com:80	POST /shoutbox/asb_ajax.php HTTP/1.1
27-0	-	0/0/230	. 	13.41	43	0	0.0	0.00	2.46 	::1	my.server.com:80	OPTIONS * HTTP/1.0
28-0	44195	0/8/32	_ 	3.66	0	14	0.0	0.04	0.29 	178.255.215.76	www.fakewebsite.com:	GET /robots.txt HTTP/1.1
29-0	-	0/0/98	. 	17.51	8	0	0.0	0.00	1.68 	::1	my.server.com:80	OPTIONS * HTTP/1.0
30-0	-	0/0/1	. 	0.00	1572	0	0.0	0.00	0.00 	::1	my.server.com:80	OPTIONS * HTTP/1.0

The OPTIONS * HTTP/1.0 connections are runnig for quite a while, whilst 2 - 3 of them show cpu load.

I cannot, for the life of me, figure out where these connections are coming from (other than ipv6 localhost (::1), but we do not use ipv6, not actively anyway. Only lo0 (this is FreeBSD) is configured with ipv6, because that's the way the system gets configured during install.

Just about everything I found on the internet tells me this is apache testing its threads/processes. We have 21 servers currently and this is the only one where these connections are showing up in top and actually cause load. Does anyone have any idea what the hell is going on?
 
Then why the high load and it being the only server out of 21 that has this? And this wasn't so until a week ago (check the differences in top).
 
Hello,

I've done some research on this as well (we see many OPTIONS as well), but the only thing that I can come up with is that apache has simply changed the verbosity of this tool.
It's done it before in the past, but was simply not logged.

This is from the apache wiki:
http://wiki.apache.org/httpd/InternalDummyConnection

Apache Wiki said:
During certain periods you may see up to one such request for each httpd child process.These requests are perfectly normal and you do not, in general, need to worry about them. They can simply be ignored.
Click to expand...
I'll still be keeping my eye on this, but as far as I can tell, there isn't much to it.

As for the load, hard to say for sure, but may just be a temporary php spike? Else the OPTIONS are doing something, which apache claims is "normal".

John
 
I've read the same documentation. However, dummy connections are not supposed to significantly raise the load on a server. So, even though it looks like it's a dummy connection (I can see the same lines in the access_logs on all the servers) this is the only server where they cause high load since about a week.

And it temporary so far as it's not always done this, but it has been constant for the last 7 days.
 
sorry to dig this up from but I'm having the same issue on 1 server for the last 1 month. Load on httpd is high and it keeps loading till httpd goes down and memory usage is about 40+ gb.
A httpd restart solve the issue but it keeps loading up and Apache is stuck in L (logging state).
Server has only 1 Wordpress site.
 
You must log in or register to reply here.
Back
Top