[Oisf-users] Tuning Suricata (2.0beta1) -- no rules and lots of packet loss

Cooper F. Nelson cnelson at ucsd.edu
Wed Aug 21 17:26:25 UTC 2013

I don't think that is what's happening.  I think each of the first 16
cores are getting 4 hardware queues assigned.

Have you tried restarting the irqbalance daemon after loading the ixgbe

Have you tried using the set_irq_affinity.sh provided with the ixgbe
source and running it for each interface?  Maybe what you need to do is
modify that script to assign interrupts in a specific sequence for
each card.  For example, the script has this line:

>     for VEC in `seq 0 1 $MAX`

This just counts from 0 to 16 in the typical use case with an increment
of one.  What I'm suggesting is modifying the script so that it counts
from 0-15 for interface 1, 16-31 for interface 2, 32-47 for interface 3
and 48-63 for interface 4.

-Coop

On 8/21/2013 9:52 AM, Tritium Cat wrote:
> No, it doesn't work, at least in the sense of only 1% packet loss being
> considered a success.  Something odd with the Intel cards is preventing
> more than 16 hardware queues from being used as the system will only show
> activity with 16 cores in workers mode, all other CPUs are 100% idle.  The
> RSS parameter to the ixgbe module needs to be set for each port although it
> claims to automatically use # of cores or # of ports, whichever is greater.
>  Also again, about FdirMode=3.. I don't think it applies here.

-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
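
The per-interface CPU offset suggested in the message above, as an added example that is not part of the original post or of the ixgbe set_irq_affinity.sh script. It assumes 16 queues per port, interrupt names of the form `<iface>-TxRx-<n>` in /proc/interrupts, and placeholder interface names eth2 to eth5.

```shell
#!/bin/sh
# Added example (not the ixgbe script). Assumed: 16 queues per port,
# vectors named <iface>-TxRx-<n>, placeholder interfaces eth2..eth5.
QUEUES_PER_PORT=16

# cpu_mask CPU: bitmask in smp_affinity format
# (comma-separated 32-bit hex words, most significant first).
cpu_mask() {
    word=$(( $1 / 32 ))
    mask=$(printf '%x' $(( 1 << ($1 % 32) )))
    while [ "$word" -gt 0 ]; do
        mask="$mask,00000000"
        word=$(( word - 1 ))
    done
    printf '%s\n' "$mask"
}

# plan_affinity PORT_INDEX IFACE: one line per queue vector.
# Port 0 maps to CPUs 0-15, port 1 to 16-31, port 2 to 32-47, port 3 to 48-63.
plan_affinity() {
    base=$(( $1 * QUEUES_PER_PORT ))
    q=0
    while [ "$q" -lt "$QUEUES_PER_PORT" ]; do
        cpu=$(( base + q ))
        printf '%s-TxRx-%d cpu=%d mask=%s\n' "$2" "$q" "$cpu" "$(cpu_mask "$cpu")"
        q=$(( q + 1 ))
    done
}

# apply_affinity: read plan lines on stdin and write each mask (needs root).
apply_affinity() {
    while read -r name _cpu mask; do
        irq=$(awk -v n="$name" '$NF == n { sub(":", "", $1); print $1 }' /proc/interrupts)
        if [ -n "$irq" ]; then
            echo "${mask#mask=}" > "/proc/irq/$irq/smp_affinity"
        fi
    done
}

# Dry run: print the plan only; pipe it to apply_affinity to apply.
idx=0
for iface in eth2 eth3 eth4 eth5; do
    plan_affinity "$idx" "$iface"
    idx=$(( idx + 1 ))
done
```

If irqbalance is running it can rewrite smp_affinity, so masks written this way may not persist.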

