[Oisf-users] suricata 3.2.0 for 10Gb performance
Cooper F. Nelson
cnelson at ucsd.edu
Fri Jan 20 20:59:49 UTC 2017
My method uses RSS. If you want to try the single-queue method follow
this guide:
> https://github.com/pevma/SEPTun
I would recommend trying that one first, as you don't need to patch the
ixgbe driver.
-Coop
On 1/19/2017 5:08 PM, Maxim wrote:
> Hi Cooper, Thanks very much. I could not open
> http://marc.info/?l=linux-netdev&m=148181173415107&w=2 to patch my
> ixgbe driver. I use ixgbe-4.4.6, the latest version downloaded from
> Intel official site. Do I need to patch it? Could you please share
> your experience to optimize suricata performance? Could you please
> send me a list? Currently, I use multiple queues and RSS, and plus
> RFS, and my setup can process nearly 5 gigabits of traffic per
> second. I wanna try your way, that is single receive queue + RFS.
> Another question is that what size of RX queue should I set? Does
> this size have something to do with CPU layer 3 cache size? I used
> perf to record my cache misses, my cache miss rate is nearly 50%,
> maybe I can reduce this. Many thanks.
>
>
> Hittlle
>
--
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170120/75e2e471/attachment-0002.sig>
More information about the Oisf-users
mailing list