AMD zen 5 Hyperscan AVX-512 Suricata Throughput

[seed]

Hi there,

since Hyperscan 5.4.0 AVX-512 is supported. This Version is currently a part of OPNsense 24.1.5_3-amd64. The latest version is: Hyperscan 5.4.2 released in april 2023 (please update Hyperscan @opnsense devs).

Since AVX is used to speed up suricata. More avx performance should mean more throughput.
It is rumoured that AMDs zen 5 architrecture will double the avx-512 performance. In theory this could result in an extreme performance improvement.

The Deciso DEC4280 (EPYC 3451) is being marketed with ~7.5Gbps Threat Protection Throughput.
Using this information as a baseline and throwing in some benchmark numbers i try to estimate what a zen 5 Suricata IPS performance could look like:

CPU              Benchmarkesult (cpubenchmark.net)   IPS Throughput (gbps)
EPYC 3451             19532                                                      7,5
Ryzen 7700x              36021                                                      13,8 (estimated)
Ryzen 7950x             62950                                                       24,1 (estimated)
Ryzen 9950x          94425 (estimated)                                               36,2 (estimated)

[seed]

It looks like the EPYC 3451 does not Support avx-512. So my estimates could be waaaaay off.
Zen 4 with avx-512 could be a massive improvement above the AMD EPYC Embedded 3000 architecture. Zen 5 could be mindblowing.

Unfortunately i cant benchmark beyond 1Gbps with my ryzen 7700 setup (my access switch ports are just 1G).

I would be very happy if opnsense entered the performance class of ASIC/FPGA firewalls.

[damien92220]

Hello,

that's a very interesting estimate.

I'm looking to configure an Intel Core i9 13900T with a benchmark score of 44099.

I think it will be good for at least +10 Gpbs and zenarmor.
I'm basing myself on the Epyc 3451.
After that, I know it doesn't have AVX512.

My connection is 8 Gbps symmetrical.

Am I right?