Performance Issue with IPS enabled on C2750

Started by moe, June 25, 2025, 03:47:54 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 25, 2025, 03:47:54 PM Last Edit: June 25, 2025, 03:59:14 PM by moe
Hi!
I searching for a while to find the issue in my home network what is limitating the throughput.
But now its clear. Its Surricata.

My Setup is a SuperMicro Board with C2750.
If I enable Surricata with IPS I can only get 100mbit throughput, but if I disable it, I am near 1 Gig (Arround 780mbit).

So what can I do to optimize the throughput?

My current setup looks like this:

[X] Disable hardware checksum offload
[X] Disable hardware TCP segmentation offload
[X] Disable hardware large receive offload

Disable VLAN Hardware Filtering.

I have only one interface for my local network with 10 VLANs.

IPS-Settings:

Interfaces: LAN, WAN (thats my physical interfaces)
Pattern matcher: Hyperscan
Promiscuous mode: "not checked"
Home networks: LAN-Adresses, WAN-Adress

Thanks for your help!
kind regards

June 25, 2025, 04:39:05 PM #1
Home-Network WAN Address is probably wrong.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
Today at 06:41:31 PM #2
Are you sure?
Thats the guide from this forum, and as expected many use this setup.

Just for information, I restartet suricata and get now 80 MB/s whats better then before.

And I found something interessting in the log:

"Out of memory" or something like that, I didn't have it in the log anymore.

What is this?
The memory consumation is minimal of my opnsense instanz.
Print
Go Up Pages1
User actions