On Thu, Apr 3, 2014 at 9:54 PM, Özkan KIRIK <[email protected]> wrote: > Hi, > > I am trying to use suricata on FreeBSD 10 amd64. > FreeBSD behaves as a VLAN router and NAT Box. > > Traffic is about 400Mbps. > When i diverted traffic to suricata, swi: netisr 0 thread gets %100 cpu. > other netisr threads are %0. And Even I remove the divert rule, netisr > still eats %100 cpu. I think that something looping :)
To be clear, this happens only *after* you divert traffic to suricata, right? > And after 1-2 minutes, one of igb0 and igb1 stops working. > Only reboot solves problem. > > Hardware has 8 cores, 24GB Ram > > My loader.conf : > > hw.igb.txd="4096" > hw.igb.rxd="4096" > hw.igb.rx_process_limit=1024 > hw.igb.num_queues=3 > net.isr.maxthreads=3 > net.isr.bindthreads=1 > net.isr.defaultqlimit=4096 > net.isr.maxqlimit=20480 > net.link.ifqmaxlen=10240 > > How can I debug this situation? > Any suggestions? I am not an expert here but please upload o/p for "sysctl net.isr" and "sysctl dev.igb" which would show error counters to get some idea about why igb0 or igb1 stops working. Whether we are running out of some resources or something else is going on. cheers, Hiren _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[email protected]"
