OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: ruggerio on May 17, 2019, 09:14:10 am

Title: 100% Load when scanning huge downloads
Post by: ruggerio on May 17, 2019, 09:14:10 am

Hi,

i have a apu2c4 (4 gb RAM) running opnsense with suricata in ips-mode. All physical interfaces are select (vlans are not selected.

While normal surfing, nothing exceptional happens on the cpu-load. But whilst e.g. updating my system or downloading a whole dvd, the load of the cpu jumps up to 100% and as a result, the rttd on the gateway goes up to 700 ms...

I've already used the whole bunch of optimizations, but i have no further idea, how to get rid of this.

If i stop suricata, no problems with load.

Hast anybody else the same effect?

Thx!

Title: Re: 100% Load when scanning huge downloads
Post by: ruggerio on May 17, 2019, 01:03:33 pm

found out, that its neither suricata, nor squid. I have this load even without those. So it either seems to be a problem on the net itself or my apu2 is no longer good.

Somebody else with this?