Author Topic: Network performance issue with IPS (Read 1390 times)

decalpha · « **on:** July 12, 2022, 03:36:58 pm »

CPU: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz (2 cores, 4 threads)
Networking: Intel Gigabit LAN

Memory: 8GB
Versions: OPNsense 22.1.10-amd64
Intrusion Detection: Enabled
Promiscuous mode: Not Selected
Detect Profile: High

I am using iperf for network performance measurement, and iperf3 on the OPNsense host shows <300 Mbits/sec. Strange thing is that after a restart it's around 950 Mbits/sec, before dropping back to 250-300 range. To rule out network issue I tried iperf3 across multiple other systems and it's in around 950 Mbits/sec.

Is this expected with this hardware setup?

abulafia · « **Reply #1 on:** July 12, 2022, 03:44:50 pm »

IDS needs a lot of performance, IPS even more so.

However, my 5250u can push a gigabit with IDS enabled. So you may need to tune your rules (less, and moving IP Blocklists to the firewall alias+rules) and configuration.

decalpha · « **Reply #2 on:** July 12, 2022, 03:51:50 pm »

Would you be able to direct me to correct resource(s)?

mimugmail · « **Reply #3 on:** July 12, 2022, 05:22:53 pm »

I5 8000U should handle 1000 also in IPS mode. Which rules do you use? Hyperscan active?

decalpha · « **Reply #4 on:** July 13, 2022, 01:39:08 pm »

Quote from: mimugmail on July 12, 2022, 05:22:53 pm

I5 8000U should handle 1000 also in IPS mode. Which rules do you use? Hyperscan active?

Pattern matcher: is indeed set to Hyperscan.
How do I get the list/count of rules from command line?

Regarding I5 8000U, afraid I have to upgrade the whole system (using Qotom mini pc).
Would N6005 be any better?

Author Topic: Network performance issue with IPS (Read 1390 times)

decalpha

Network performance issue with IPS

abulafia

Re: Network performance issue with IPS

decalpha

Re: Network performance issue with IPS

mimugmail

Re: Network performance issue with IPS

decalpha

Re: Network performance issue with IPS