Hello all, I am trying to add PF_RING support for suricata IPS (inline) mode. At the first step, I have decided to test the performance of pfbridge application. For this purpose I started pfsend on a pc, bfbridge on another pc and pfcount application on the third pc.
pfsend pc -----> pfbridge pc ------> pfcount pc I am using Intel NIC 82576 with PF_RING aware igb 5.0.6 driver with 8 queues. When I use -p option with pfbridge, every thing is just working fine and pfcount receives the packets generated by pfsend. To reach better performance, I decided not to use -p option and use pfring_send_last_rx_packet function. But although pfbridge application reports the pps correctly, no packets are received by pfcount application! 1. Is there any problem with igb and pfring_send_last_rx_packet? 2. I am suspicious about some race condition on this situation. If pfbridge application, takes some time for processing the received packet, does kernel space function 'consume_pending_pkts' waits for its decision to send the packet? or it just clears the slot and calling 'pfring_send_last_rx_packet' function has no effect at all? Best Regards, Mahdi.
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
