[Oisf-users] Question about cpu-affinity

Cooper F. Nelson cnelson at ucsd.edu
Mon Mar 5 06:04:13 UTC 2018 

On 3/2/2018 3:03 AM, Eric Leblond wrote:
>> Or maybe allow defining named cpu sets and allow assigning those to
>> af-packet interface configs:
>>
>> - cpu-set
>>   name: af-packet-eth0
>>   cpu: [ 0, 2, 4, 6, 8, 10, 12, 14]
>>   mode: "exclusive"
>> - cpu-set
>>   name: af-packet-eth1
>>   cpu: [1, 3, 5, 7, 9, 11, 13, 15 ]
>>   mode: "exclusive"
>>
>>
>>
>> af-packet:
>>   - interface: eth0
>>     cluster-id: 99
>>     cpu-set: "af-packet-eth0"
>>   - interface: eth1
>>     cluster-id: 98
>>     cpu-set: "af-packet-eth1"
> I like this second proposal better. From what I've seen a few packet
> capture APIs are using the numa node in the capture params, maybe we
> could combined both approach.

I'll vote for this as approach as well.

For some context, I've just got done deploying a 64 core AMD Piledriver
suricata system.  Dual 10 gig Intel NICs (ixgbe driver).

I based my build on Peter Manev's SEPTUN guide, however since AMD
doesn't support the same caching architecture that Intel does
(specifically DCA and DDIO) the performance wasn't as expected.  Using a
single RSS queue simply doesn't work, the core is pegged @100% with
significant packet loss.

What I ended up doing was creating a hybrid deployment that used my
standard HPC server build, 4 RSS queues/cores per NIC/NUMA node and
cluster_flow to have suri distribute flows to the remaining 56 cores in
software.  The reason I wanted to interleave the detect threads was to
leverage the AMD Hypertransport bus to evenly distribute the load from
both NICs over the whole system.

-- 
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180304/d1b17932/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180304/d1b17932/attachment-0002.sig>

More information about the Oisf-users mailing list