Archive > 22.7 Legacy Series
Throughput with IDS/IPS Enabled
w9hdg:
Good Day Everyone,
I have been trying to wrap my head around the Intrusion Detection system. I have attached screenshots of the configuration that I have instead of trying to explain it all. The long and the short of it is that when I have Intrusion Detection/Intrusion Prevention enabled I see the throughput of my WAN drop from 550ish to 480 or so.
I have attached screenshots of everything I can think of. Is the IDS system just that much of a power hog? If so perhaps the system requirements page needs an update to reflect this because from my understanding I should be running a lot better than I am. I do know I'm a little light on RAM that is being addressed tomorrow when my order shows up (I hope). For the observant among you this is a virtualized install with a passed through Intel dual gigabit nic.
Thanks in advance,
~T
vico1959:
Did you disable all hardware offloading as the help on the IPS line warns you to do before enabling?
Supermule:
The short answer is yes....
But in the end it depends on the hardware at hand.
w9hdg:
--- Quote from: vico1959 on November 11, 2022, 11:49:08 pm ---Did you disable all hardware offloading as the help on the IPS line warns you to do before enabling?
--- End quote ---
Yes I did
w9hdg:
--- Quote from: Supermule on November 11, 2022, 11:54:38 pm ---The short answer is yes....
But in the end it depends on the hardware at hand.
--- End quote ---
Can you elaborate? It has 10 cores of a dual e5-2450v2 setup which turbos to 2.5 ghz. Is surricata single threaded? If so that would explain why throwing more cores at it doesn't seem to be really helping.
Navigation
[0] Message Index
[#] Next page
Go to full version