Messages

1

Intrusion Detection and Prevention / Re: Suricata not using all system resource?

« on: June 11, 2021, 03:43:43 am »

I think the suricata conf is set by opnsense to auto for threading, I have a similar card to yours (x550) and 4 CPUS and when I set threads to 4 I get poor performance, 2 threads for 4 queues is ok and able to achieve wire rate.

https://suricata.readthedocs.io/en/suricata-5.0.6/capture-hardware/netmap.html

I have noticed the same behaviour you're describing on pfsense, suricata seems to be pinned to one core not sure why ?

 

2

Hardware and Performance / Re: KVM "poor" performance ?

« on: December 11, 2017, 07:39:57 pm »

I thank you sir  :

3

Hardware and Performance / [SOLVED] KVM "poor" performance ?

« on: December 10, 2017, 01:04:38 pm »

Hello,

I've decided to go OpnSense for my router appliance, I've decided to run it on my old media server that I've converted to a virtualization server on debian (mini-itx, i5-3470s, 8G RAM, intel 350 t2).

I've allocated 2vcpu and 3G to OpnSense and the 2 nic are running on passthrough mode (virtio), i was not able to make VFIO work because of iommu grouping ...

When connecting the media converter directly to my laptop I'm getting 930Mb/s but when connecting it to my box I'm getting 480 Mb/s.

I'm new to OpnSense so I'm currently running the default configuration but I'm not sure what is the bottleneck :

- OpnSense ? filtering ?
- Virtualization ?
- Hardware issue ? "fake" intel nic ?