On 23 September 2014 01:36, Alexander V. Chernikov <melif...@freebsd.org> wrote: > On 22.09.2014 23:46, Adrian Chadd wrote: >> Hi, >> >> Yes. >> >> * grab an ixgbe NIC and the -HEAD driver; (or cxgbe - I haven't gone >> and written RSS programming code for that just yet); >> * patch it to use a symmetric RSS key; >> * configure up N queues; >> * run an instance of snort on each TX/RX ring from the NIC. > Oh, wow. > I have a low priority task to do that. > Nice to see this in stock fbsd! > >> >> The last step requires that you have snort use netmap rather than just >> straight bpf - or maybe somehow there's a way to glue bpf into a >> single netmap ring. > I've wrote snort netmap DAG once, but it does not play well w/o > symmetric rss. > I've see if I can share it.
That'd be great! I'll see if I can get -HEAD enabled with an optional symmetric RSS key. It shouldn't be too difficult. The problem is the current RSS setup uses the same key for all NICs. I _guess_ that isn't going to /really/ be a problem here - unless you really want your server to serve lots of traffic /and/ snort :) Then we just need a netmap enabled snort :) -a _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
