[Oisf-users] Suricata 2.0 dev, 100% cpu utilization in AF_PACKET + workers mode?
Leonard Jacobs
ljacobs at netsecuris.com
Tue Jul 9 00:19:11 UTC 2013
Ok then it is probably not the same problem.
-----Original Message-----
From: Cooper F. Nelson [mailto:cnelson at ucsd.edu]
Sent: Monday, July 08, 2013 6:45 PM
To: Leonard Jacobs
Cc: oisf-users at openinfosecfoundation.org
Subject: Re: [Oisf-users] Suricata 2.0 dev, 100% cpu utilization in AF_PACKET + workers mode?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm on the latest 3.8 series kernel. The 3.9 series kernel did not work with the Intel ixgbe driver.
- -Coop
>3.8.12-gentoo #1 SMP Sat May 11 16:43:33 UTC 2013 x86_64 Intel(R)
>Xeon(R) CPU X5560 @ 2.80GHz GenuineIntel GNU/Linux
On 7/8/2013 4:37 PM, Leonard Jacobs wrote:
> I believe that there is a known problem before kernel 3.5 in Linux.
>
> -----Original Message-----
> From: oisf-users-bounces at openinfosecfoundation.org
> [mailto:oisf-users-bounces at openinfosecfoundation.org] On Behalf Of
> Cooper F. Nelson
> Sent: Monday, July 08, 2013 5:08 PM
> To: oisf-users at openinfosecfoundation.org
> Subject: [Oisf-users] Suricata 2.0 dev, 100% cpu utilization in AF_PACKET + workers mode?
>
> See subject. The current dev. release of suricata has an issue where threads will get stuck at 100% cpu utilization after running for some period of time and stop processing packets. The process then needs to terminated via 'kill -9' and restarted to free up the cores. This does not happen in the production release.
>
> Is this a known issue? The dev. release otherwise performs much better in our environment.
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support:
> http://suricata-ids.org/support/
> List:
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
>
- --
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJR208CAAoJEKIFRYQsa8FWdREH/AhNu+YLqlzei5eJJ9JE3hIu
0XQWfn2E/8KUhdUzxEDwiQe2tttQr/DYRF+pRQx1hjGnwVafp01QhMYuBzE/tw/8
BZKXCRxI4owJiW50gnxnwlOD53/OB1txoRbd+p4NZlGmniY96hQdnItspHdSKxMV
kGfZEQ4nFRIJIwvbn2YwNvwEw9rLnFBUo5TXhwvfenS+oxGUErF2O4Hs9/skcNeq
UKm1jmgKpT9SF0cMlFLrvTyheVqKYhI2Ruv3LcwwXAXyfBWceKIIeUOLQHH2omdc
b4pIDnFcXOldnxvGghJXxcGoCv6EaeKT/K7q37mqngy54dSx5L9eouxzhA/JWyY=
=7BOH
-----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list