Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
Lower cpu load during idle in 22.7.5 when using suricata
« previous
next »
Print
Pages: [
1
]
Author
Topic: Lower cpu load during idle in 22.7.5 when using suricata (Read 2023 times)
Ypsilon
Newbie
Posts: 16
Karma: 9
Lower cpu load during idle in 22.7.5 when using suricata
«
on:
October 06, 2022, 04:23:09 pm »
This could be a continuation of this thread, as we are on 22.7 release now:
https://forum.opnsense.org/index.php?topic=24895.0
Version 22.7.5 was released with of course the security fix as most important change..
Suricata was upgraded too in this release, with a change that should revert cpu load while idle to levels knows before 21.7.3
I upgraded my system and the load drop was significant.
I wonder if other users that experienced this specific load issue have the same improvement after upgrading to 22.7.5.
See also:
https://redmine.openinfosecfoundation.org/issues/4421
https://github.com/opnsense/core/issues/6065
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: Lower cpu load during idle in 22.7.5 when using suricata
«
Reply #1 on:
October 07, 2022, 07:51:25 am »
To be honest, with all the outrage on negative things happen... the least will report that CPU usage is lower and that they are happy about it.
But consider me happy this was resolved.
Cheers,
Franco
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Lower cpu load during idle in 22.7.5 when using suricata
«
Reply #2 on:
October 07, 2022, 09:44:08 am »
I'm going to re-enable it and check, thanks for pointing it out.
I had to disable it or put on IDS mode only, the bandwith was reduced too much to be usable. Different things but maybe it is better in that regard too.
Logged
jphylips
Newbie
Posts: 10
Karma: 4
Re: Lower cpu load during idle in 22.7.5 when using suricata
«
Reply #3 on:
October 07, 2022, 11:06:10 am »
Hi,
I noticed a drop in CPU load as well. I have proof in a Zabbix graph, which I'm unable to upload I'm afraid.
Franco,
No negativity from my end. You guys are doing an excellent job. Better support than many enterprises deliver these days. So keep up the fantastic work and many thanks from a former pfSense user.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: Lower cpu load during idle in 22.7.5 when using suricata
«
Reply #4 on:
October 07, 2022, 01:25:54 pm »
It wasn't meant as a rant, I'm sorry if it came across like this. That's just usually what we see when something keeps working no matter how much it improved: lack of feedback.
But we generally take this as a good sign.
Cheers,
Franco
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Lower cpu load during idle in 22.7.5 when using suricata
«
Reply #5 on:
October 07, 2022, 03:18:55 pm »
Re-enabled IPS and again 500 Mbps link gets only 119 Mbps. I'm diasbling Suricata again. In fact I might need to forego Suricata all together. Sorry for the noise, this is performance issue.
On a positive side, the cpu usage is indeed low
Logged
RamSense
Hero Member
Posts: 595
Karma: 10
Re: Lower cpu load during idle in 22.7.5 when using suricata
«
Reply #6 on:
October 07, 2022, 05:09:56 pm »
How do you test this? I have used
https://www.speedtest.net/
on multiple devices with and without IPS mode, but I get the same speed (1gbit ISP connection and about 700 Mbps on wifi, 950 on apple tv wired). So no problems here.
Running opsense:
OPNsense 22.7.5-amd64
FreeBSD 13.1-RELEASE-p2
OpenSSL 1.1.1q 5 Jul 2022
CPU type Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz (4 cores, 4 threads)
16 gb memory
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Lower cpu load during idle in 22.7.5 when using suricata
«
Reply #7 on:
October 07, 2022, 06:11:59 pm »
Thanks for inputting for this Ramsense. (apologies to OP for the slight hijack).
I am on an apu4 with an AMD GX-412TC SOC as cpu. The clock max is 1 GHz base and 1.4 boost, 4 cores.
The testing done is as you have done yours.
I've put it down to the cpu not being powerful enough to be suitable for IPS. I can't blame OPN or the Suricata chaps. Tremendous job. I've tried every optimisation I come across and RSS for instance gave me my isp package, until I introduce Suricata or Zenarmor. I lef it with Suricata as my preferred option if I had to chose but then this hit is too much.
package is 500/75. Suricata IDS 474/69 . Suricata IPS 119/35.
I didn't want to open another "why does Suricata kills my thoughput" without doing all I can to diagnose but I'm very close to admit defeat.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
Lower cpu load during idle in 22.7.5 when using suricata