WAN speed slower with IPS enabled on 20.7.4 vs 20.1.9

[mfsense]

Hi all, just recently upgrade from 20.1.9 to 20.7.4 but noticed a speed reduction when IPS is enabled. from ~350Mbps down to ~250Mbps

One thing I noticed is when I start IDS/IPS it only starts 2 processing threads

Code Select Expand

all 2 packet processing threads, 4 management threads initialized, engine started.

I have 4 igb nics, IPS only enabled on WAN and processor is an

Code Select Expand

Intel(R) Celeron(R) CPU J3160 @ 1.60GHz (4 cores)

started looking into the suricata.yaml file but my inexperience with it didn't help much. under netmap: in the yaml file I have threads set to auto. does it make sense to set this to 4? or is that a stupid idea?

Code Select Expand

# Number of capture threads. "auto" uses number of RSS queues on interface.
# Warning: unless the RSS hashing is symmetrical, this will lead to
# accuracy issues.
threads: auto

[mimugmail]

There is already an open thread about this. It's a limitation of FreeBSD 12.1 and team is working on it.
If you really need such speeds AND Sensei/Suri just go back to 20.1.9 in the meantime.

[mfsense]

good to know that I'm not the only one
do you have a reference link of the other thread? I might be looking for the wrong keywords, can't find it :(