[Oisf-users] Suricata 3.0 / 3.0.1 IPS Perfomance Anomaly?
Berk Gulenler
gulenler at boun.edu.tr
Tue Apr 5 09:00:46 UTC 2016
Dear All,
I'm having performance problems over HTTP with "-march=native" flag. I'm
sending you test results that I have made on the same hardware and with
same configuration.
Suricata 3.0.1:
* IPS
* --enable-nfqueue --prefix=/usr --sysconfdir=/etc --localstatedir=/var
* *CFLAGS -g -O2 -march=native*
* workers mode
* af_packet: threads: 16, cluster-type: cluster_cpu, use-mmap: yes
* threading: set-cpu-affinity: yes
Intel Xeon CPU E5-2690 x 2
Intel X540-AT2
Ubuntu 14.04.4 LTS
gcc version 4.8.4
wget over Suricata: (results are consistent over many tests)
1.784.676.352 55,1MB/s (single flow)
Suricata 3.0.1:
* IPS
* --enable-nfqueue --prefix=/usr --sysconfdir=/etc --localstatedir=/var
* *CFLAGS -g -O2 -march=core2*
* workers mode
* af_packet: threads: 16, cluster-type: cluster_cpu, use-mmap: yes
* threading: set-cpu-affinity: yes
Intel Xeon CPU E5-2690 x 2
Intel X540-AT2
Ubuntu 14.04.4 LTS
gcc version 4.8.4
wget over Suricata: (results are consistent over many tests)
1.784.676.352 74,8MB/s (single flow)
However there are no performance problems observed over iperf (tcp)
benchmarks in both tests. (~860 Mbit/s over single flow)
Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160405/37390d6a/attachment.html>
More information about the Oisf-users
mailing list