[Oisf-users] Suricata 3.0 / 3.0.1 IPS Perfomance Anomaly?
Berk Gulenler
gulenler at boun.edu.tr
Wed Apr 6 12:34:54 UTC 2016
Hi Victor,
I guess that is what you wanted.
core2: (env CFLAGS='-g -O2 -march=core2' ./configure --enable-nfqueue
--prefix=/usr --sysconfdir=/etc --localstatedir=/var
--disable-gccmarch-native)
19.70% Suricata-Main [kernel.kallsyms] [k] clear_page_c
8.63% Suricata-Main [kernel.kallsyms] [k] mem_cgroup_charge_common
5.51% Suricata-Main [kernel.kallsyms] [k] page_fault
5.10% Suricata-Main libc-2.19.so [.] memset
5.08% Suricata-Main libc-2.19.so [.] 0x000000000007fee6
5.08% Suricata-Main libpthread-2.19.so [.] pthread_mutex_unlock
4.40% Suricata-Main libpthread-2.19.so [.] pthread_mutex_init
3.64% Suricata-Main libpthread-2.19.so [.] pthread_mutex_lock
3.63% Suricata-Main libc-2.19.so [.] malloc
3.17% Suricata-Main [kernel.kallsyms] [k] unmap_page_range
3.07% Suricata-Main [kernel.kallsyms] [k] __rmqueue
2.19% Suricata-Main suricata [.] DefragTrackerAlloc
2.04% suricata [kernel.kallsyms] [k] strlen
1.93% Suricata-Main [unknown] [.] 0x00007f5b5cc6a4be
1.89% Suricata-Main libyaml-0.so.2.0.2 [.]
yaml_parser_fetch_more_tokens
1.74% suricata [kernel.kallsyms] [k] flush_tlb_page
1.59% Suricata-Main [kernel.kallsyms] [k] context_tracking_user_enter
1.47% Suricata-Main suricata [.] DefragInitConfig
1.45% Suricata-Main [kernel.kallsyms] [k] __acct_update_integrals
1.45% Suricata-Main [kernel.kallsyms] [k] handle_mm_fault
1.45% Suricata-Main suricata [.] DefragTrackerEnqueue
1.44% Suricata-Main [kernel.kallsyms] [k] copy_pte_range
1.38% Suricata-Main [kernel.kallsyms] [k] __mod_zone_page_state
1.22% Suricata-Main [kernel.kallsyms] [k] __pagevec_lru_add_fn
1.15% Suricata-Main suricata [.] SCACCreateFailureTable
1.09% Suricata-Main [kernel.kallsyms] [k] __khugepaged_enter
0.96% Suricata-Main suricata [.] PoolInit
0.90% Suricata-Main suricata [.] DefragFragInit
0.73% Suricata-Main [kernel.kallsyms] [k] __alloc_pages_nodemask
0.73% Suricata-Main [kernel.kallsyms] [k] find_get_page
0.73% Suricata-Main [kernel.kallsyms] [k] vtime_account_user
0.73% Suricata-Main [kernel.kallsyms] [k] __mem_cgroup_commit_charge
0.73% Suricata-Main [kernel.kallsyms] [k] jiffies_to_timeval
0.73% Suricata-Main [kernel.kallsyms] [k] ima_file_free
0.73% Suricata-Main [kernel.kallsyms] [k] rcu_eqs_enter
0.73% Suricata-Main [kernel.kallsyms] [k] get_page_from_freelist
0.73% Suricata-Main [kernel.kallsyms] [k] account_user_time
0.71% Suricata-Main [kernel.kallsyms] [k] copy_user_generic_string
0.19% suricata [kernel.kallsyms] [k] flush_signal_handlers
0.13% Suricata-Main [kernel.kallsyms] [k] finish_task_switch
0.03% Suricata-Main [kernel.kallsyms] [k] native_write_msr_safe
0.01% suricata [kernel.kallsyms] [k] native_write_msr_safe
native: (./configure --enable-nfqueue --prefix=/usr --sysconfdir=/etc
--localstatedir=/var)
21.68% Suricata-Main [kernel.kallsyms] [k] clear_page_c
8.73% Suricata-Main libc-2.19.so [.] 0x000000000008088c
6.53% Suricata-Main suricata [.] DefragTrackerAlloc
4.93% Suricata-Main [kernel.kallsyms] [k] page_fault
4.37% Suricata-Main libpthread-2.19.so [.] pthread_mutex_lock
4.27% Suricata-Main [kernel.kallsyms] [k] mem_cgroup_charge_common
3.60% Suricata-Main [kernel.kallsyms] [k] unmap_page_range
3.36% Suricata-Main [kernel.kallsyms] [k] __mem_cgroup_commit_charge
3.28% Suricata-Main [kernel.kallsyms] [k] get_page_from_freelist
2.77% Suricata-Main suricata [.] PoolInit
2.22% Suricata-Main suricata [.] DefragInitConfig
2.18% Suricata-Main libpthread-2.19.so [.] pthread_mutex_unlock
2.18% Suricata-Main [kernel.kallsyms] [k] page_add_new_anon_rmap
2.14% suricata libc-2.19.so [.] _dl_addr
1.98% Suricata-Main libyaml-0.so.2.0.2 [.] yaml_parser_update_buffer
1.72% suricata ld-2.19.so [.] 0x0000000000005b20
1.67% Suricata-Main [kernel.kallsyms] [k] __zone_watermark_ok
1.61% Suricata-Main [unknown] [.] 0x00007f7710518494
1.55% Suricata-Main [kernel.kallsyms] [k] __pagevec_lru_add_fn
1.51% Suricata-Main libpthread-2.19.so [.] pthread_mutex_init
1.46% Suricata-Main libpcre.so.3.13.1 [.] compile_regex
1.46% Suricata-Main [kernel.kallsyms] [k] __rmqueue
1.45% Suricata-Main [kernel.kallsyms] [k] _raw_spin_lock
1.24% Suricata-Main [kernel.kallsyms] [k] free_pages_prepare
1.17% Suricata-Main suricata [.] SCACPreparePatterns
0.94% Suricata-Main suricata [.] DefragFragInit
0.82% Suricata-Main [kernel.kallsyms] [k] local_clock
0.74% Suricata-Main [kernel.kallsyms] [k] context_tracking_user_enter
0.74% Suricata-Main suricata [.] DefragTrackerEnqueue
0.73% Suricata-Main [kernel.kallsyms] [k] lookup_page_cgroup
0.73% Suricata-Main [kernel.kallsyms] [k] get_pageblock_flags_group
0.73% Suricata-Main [kernel.kallsyms] [k] account_user_time
0.73% Suricata-Main [kernel.kallsyms] [k] rcu_eqs_exit_common.isra.48
0.73% Suricata-Main [kernel.kallsyms] [k] vma_adjust
0.73% Suricata-Main [kernel.kallsyms] [k] native_sched_clock
0.73% Suricata-Main [kernel.kallsyms] [k] release_pages
0.72% Suricata-Main [kernel.kallsyms] [k] mem_cgroup_page_lruvec
0.72% Suricata-Main [kernel.kallsyms] [k] copy_pte_range
0.72% Suricata-Main [kernel.kallsyms] [k] dup_mm
0.24% suricata [kernel.kallsyms] [k] fput
0.12% Suricata-Main [kernel.kallsyms] [k] _raw_spin_unlock
0.05% Suricata-Main [kernel.kallsyms] [k] native_write_msr_safe
0.02% suricata [kernel.kallsyms] [k] native_write_msr_safe
On 05-04-2016 16:15, Victor Julien wrote:
> On 05-04-16 11:00, Berk Gulenler wrote:
>> I'm having performance problems over HTTP with "-march=native" flag. I'm
>> sending you test results that I have made on the same hardware and with
>> same configuration.
>>
>> Suricata 3.0.1:
>> * IPS
>> * --enable-nfqueue --prefix=/usr --sysconfdir=/etc --localstatedir=/var
>> * *CFLAGS -g -O2 -march=native*
>> * workers mode
>> * af_packet: threads: 16, cluster-type: cluster_cpu, use-mmap: yes
>> * threading: set-cpu-affinity: yes
>> Intel Xeon CPU E5-2690 x 2
>> Intel X540-AT2
>> Ubuntu 14.04.4 LTS
>> gcc version 4.8.4
>>
>> wget over Suricata: (results are consistent over many tests)
>> 1.784.676.352 55,1MB/s (single flow)
>>
>> Suricata 3.0.1:
>> * IPS
>> * --enable-nfqueue --prefix=/usr --sysconfdir=/etc --localstatedir=/var
>> * *CFLAGS -g -O2 -march=core2*
>> * workers mode
>> * af_packet: threads: 16, cluster-type: cluster_cpu, use-mmap: yes
>> * threading: set-cpu-affinity: yes
>> Intel Xeon CPU E5-2690 x 2
>> Intel X540-AT2
>> Ubuntu 14.04.4 LTS
>> gcc version 4.8.4
>>
>> wget over Suricata: (results are consistent over many tests)
>> 1.784.676.352 74,8MB/s (single flow)
>>
>> However there are no performance problems observed over iperf (tcp)
>> benchmarks in both tests. (~860 Mbit/s over single flow)
>>
> Could you add additional information? I'd be interested in learning
> where the performance is different in the code.
>
> Use 'perf' to record this info:
>
> perf record <your suricata startup line>
>
> Then when you stopped Suricata, share the output of
>
> perf report
>
> You may have to recompile Suricata with CFLAGS="-g".
>
> Thanks!
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: native.perf.data
Type: application/octet-stream
Size: 18964 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160406/424e0c3a/attachment-0004.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: core2.perf.data
Type: application/octet-stream
Size: 18804 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160406/424e0c3a/attachment-0005.obj>
More information about the Oisf-users
mailing list