[Oisf-users] Benchmark testing with Trex
Michał Purzyński
michalpurzynski1 at gmail.com
Fri Dec 7 19:11:47 UTC 2018
Can you compare the results with and without RPS?
> On Dec 7, 2018, at 4:49 AM, Nidhi V Singhai <nidhivar at gmail.com> wrote:
>
> Hello Peter
>
>> On Fri, Dec 7, 2018 at 8:15 AM Peter Manev <petermanev at gmail.com> wrote:
>> On Thu, Dec 6, 2018 at 6:55 PM Nidhi V Singhai <nidhivar at gmail.com> wrote:
>> >
>> > Hello Victor
>> >
>> > Apologies for the delay in response. I did not have access to my setup till now. Please find the requested data below
>> >
>> > DUT -
>> > Distro: CentOS
>> > Kernel : 4.14.62-2.v7.x86_64
>> > This is Intel I350 4-port Gigabit NIC and I am using 2 ports for my testing connected to two ports of the box running TRex.
>> >
>> > This is a gen7 CPU and I have used RPS:
>> > echo 4 > /sys/class/net/enp1s0f2/queues/rx-0/rps_cpus
>> > echo 2 > /sys/class/net/enp1s0f3/queues/rx-0/rps_cpus
>> >
>>
>> Sorry it may be obvious but just wanted to confirm - Is this on the
>> Suricata system or on the replay machine ?
>>
> Yes, this is the DUT running suricata.
>
>> > I have disabled NIC offloading as per the Septun doc, stopped irqbalance, and pinned interrupts to different cores. I can see that the right queues are being used for my packets in /proc/interrupts.
>> >
>> > My AF-Packet config is below:
>> > - interface: enp1s0f2
>> > cluster-id: 99
>> > cluster-type: cluster_flow
>> > defrag: yes
>> > use-mmap: yes
>> > tpacket-v3: yes
>> > ring-size: 400000
>> > block-size: 393216
>> >
>> > On Trex, currently I am using the configuration in the package (avl/sfr_delay_10_1g_asa_nat.yaml). I have modified this file to generate a traffic of 150Mbps by using only a couple of pcaps from this file and adjusting their cps. I have 255 clients and 10 servers.
>> >
>> > Few stats from my last run. Please note that I do have other services running as well on the system which are using the CPU which would explain the kernel_drops.
>> > capture.kernel_packets | Total | 75591077
>> > capture.kernel_drops | Total | 4410661
>> > tcp.pkt_on_wrong_thread | Total | 29509415
>> >
>>
>> Could you please upload a stats.log here please -
>> https://redmine.openinfosecfoundation.org/issues/2725 with your set
>> up info?
>> I am trying to trace down "wrong_thread" occurrences and to find the
>> reason for it.
>>
> I'll add the details to this link. I'll be able to do that next week once I have access to it again.
>
>> > Kindly let me know if you need any more details.
>> >
>>
>> I think you may also consider increasing "max-pending-packets" in
>> suricata.yaml if you haven't done it already.
>
> I haven't changed max-pending-packets. Will change this value and monitor the behavior.
>>
>> > Many thanks
>> > Nidhi.
>> >
>> >>
>> >> ----------------------------------------------------------------------
>> >>
>> >> Message: 1
>> >> Date: Fri, 23 Nov 2018 16:14:40 +0100
>> >> From: Victor Julien <lists at inliniac.net>
>> >> To: oisf-users at lists.openinfosecfoundation.org
>> >> Subject: Re: [Oisf-users] Benchmark testing with Trex
>> >> Message-ID: <e30943f3-1955-803f-1546-df9b3be31a05 at inliniac.net>
>> >> Content-Type: text/plain; charset=utf-8
>> >>
>> >> Hi Nidhi,
>> >>
>> >> On 15-11-18 18:28, Nidhi V Singhai wrote:
>> >> > I am collecting some suricata performance figures for my setup and am
>> >> > using Trex for traffic replay. I am using standard trex profiles with
>> >> > mostly http/https traffic currently. With suricata 4.1, I am observing
>> >> > around 50% of the packets on wrong thread. I have a dual core system
>> >> > with HT. I have disabled NIC offloading and set single rx/tx queues for
>> >> > my interfaces. There are no capture drops registered. Has anyone else
>> >> > tried suricata with trex? Can someone please suggest what might be the
>> >> > cause of packets on wrong thread and how to avoid it?
>> >>
>> >> At Suricon18 Joe's talk dealt with trex testing, however he did not test
>> >> 4.1 yet. So the 'wrong thread' counters weren't yet available. He is
>> >> planning to repeat the testing, so we maybe we will learn whether he
>> >> will run into the same.
>> >>
>> >> Can you give some more details on your setup? Distro, kernel, ethtool
>> >> output, hardware, afpacket section of your yaml, etc?
>> >>
>> >> Also things like trex setup would be useful.
>> >>
>> >> Thanks!
>> >> Victor
>> >
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20181207/9c2e256c/attachment-0001.html>
More information about the Oisf-users
mailing list