Openfire 3.5.1 / 100% CPU / DoS on it self

A restart is usually required. Maybe one can use some managing or instrumentation methods I’m not aware of without restart.

But there’s also VisualGC / JVMStat - it can connect to the already running JVM and show heap sizes and GC stats.


I got this bug again. Server was sending approx. 3000 IQ-packets per second from an user JID to an non existent component subdomain:

from n***********el to

I tried to ban the user temporarily, to enforce that he is offline, but this did not have any effect. We have a pyICQt transport running on, but search.* does not exist.

I used a targeted PacketFilter rule to drop this packets, then it stopped. However, CPU load is still high.

(this time I’m using Openfire 3.5.2 with MySQL DB.)

Hey Martin,

That seems to be a case of flooding combined with server-2-server attempts to a non-existent server. For Openfire 3.6.0 we modified the routing logic so that s2s is not attempted for external components that are registered with the server. By registered I mean components that you either specified that are allowed or not allowed to connect to the server. I think that another optimization we could do is to not attempt another s2s connection in a few seconds if a remote server address was not found before. I will see if I can implement that for 3.6.0.


– Gato

ok, sounds good, thanks.

Message was edited by: Coolcat

Hey Martin,

I just checked in the improvement for JM-1422. You can either use the next nightly build and test the improvement or you can get the code from SVN. Let me know how it worked for you.


– Gato

I can’t exactly reproduce the problem, so it would be hard to prove if it works for me. Also it’s a production environment, so installing nightly builds is to risky for me. However, thanks for trying to help

Would you be willing to share the plugin? I’m running Openfire 3.5.2, and I’m seeing a similar problem. I would love to be able to dig further and isolate what is causing the problem.

Thanks in advance.

Hi, which plugin? PacketFilter?


Today I wrote a small plugin, which is able to count packets per user
per time. I found out, that Openfire does send 7000-8000 packets per
second from an JID that is offline to another unavailable JID.
This one? It was a really simple plugin, only a few lines of code, I think I have deleted this months ago. However, I am developing an more advanced plugin. It’s similar to PacketFilter, but has much more features. The basic core features, such as the tree-like rule structure, free definieable counters and if-then-else logic are complete. However, currently there is no user interface. I have planed an AJAX based webinterface, where you can modify your rule profiles. Im currently working on the XML-based import/export for profiles. I think I will need at least one or two weeks until this plugin is usable in a basic way.

Yes, that was the one. In the end I was able to find out what was going on by enabling message auditing - I have one user who periodically sends 1000 “subscribe” packets per second to another user. Once I knew who it was I could solve the immediate problem by killing their session.

Thanks anyway,