[Oisf-users] Suricata on FreeBSD 10, netisr problem
Özkan KIRIK
ozkan.kirik at gmail.com
Fri Apr 4 12:47:53 UTC 2014
Hi,
I am trying to use suricata on FreeBSD 10 amd64.
FreeBSD behaves as a VLAN router and NAT Box.
Traffic is about 400Mbps.
When i diverted traffic to suricata, ( add 100 divert 8000 all from any to
any via em0 )
swi: netisr 0 thread gets %100 cpu.
other netisr threads are %0. And Even I remove the divert rule, netisr
still eats %100 cpu. I think that something looping :)
And after 1-2 minutes, one of igb0 and igb1 stops working.
Only reboot solves problem.
Hardware has 8 cores, 24GB Ram
My loader.conf :
hw.igb.txd="4096"
hw.igb.rxd="4096"
hw.igb.rx_process_limit=1024
hw.igb.num_queues=3
net.isr.maxthreads=3
net.isr.bindthreads=1
net.isr.defaultqlimit=4096
net.isr.maxqlimit=20480
net.link.ifqmaxlen=10240
How can I debug this situation?
Any suggestions?
Best regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140404/4bd12d4b/attachment.html>
More information about the Oisf-users
mailing list