Hi, I am trying to use suricata on FreeBSD 10 amd64. FreeBSD behaves as a VLAN router and NAT Box.
Traffic is about 400Mbps. When i diverted traffic to suricata, swi: netisr 0 thread gets %100 cpu. other netisr threads are %0. And Even I remove the divert rule, netisr still eats %100 cpu. I think that something looping :) And after 1-2 minutes, one of igb0 and igb1 stops working. Only reboot solves problem. Hardware has 8 cores, 24GB Ram My loader.conf : hw.igb.txd="4096" hw.igb.rxd="4096" hw.igb.rx_process_limit=1024 hw.igb.num_queues=3 net.isr.maxthreads=3 net.isr.bindthreads=1 net.isr.defaultqlimit=4096 net.isr.maxqlimit=20480 net.link.ifqmaxlen=10240 How can I debug this situation? Any suggestions? Best regards _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
