From owner-freebsd-net@FreeBSD.ORG  Tue Sep 23 12:05:54 2014
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 8E393D73
 for <freebsd-net@freebsd.org>; Tue, 23 Sep 2014 12:05:54 +0000 (UTC)
Received: from mtaout22.012.net.il (mtaout22.012.net.il [80.179.55.172])
 by mx1.freebsd.org (Postfix) with ESMTP id 3E744FBB
 for <freebsd-net@freebsd.org>; Tue, 23 Sep 2014 12:05:53 +0000 (UTC)
Received: from conversion-daemon.a-mtaout22.012.net.il by
 a-mtaout22.012.net.il (HyperSendmail v2007.08) id
 <0NCC00H00S3UUL00@a-mtaout22.012.net.il> for freebsd-net@freebsd.org;
 Tue, 23 Sep 2014 15:05:51 +0300 (IDT)
Received: from mail.ngtech.co.il ([84.95.212.160]) by a-mtaout22.012.net.il
 (HyperSendmail v2007.08) with ESMTPA id
 <0NCC00H2WS9REM90@a-mtaout22.012.net.il> for freebsd-net@freebsd.org;
 Tue, 23 Sep 2014 15:05:51 +0300 (IDT)
Received: from [192.168.10.131] (unknown [192.168.10.254])	by
 mail.ngtech.co.il (Postfix) with ESMTPA id 2A1CA21099	for
 <freebsd-net@freebsd.org>; Tue, 23 Sep 2014 15:05:51 +0300 (IDT)
Date: Tue, 23 Sep 2014 15:05:51 +0300
From: Eliezer Croitoru <eliezer@ngtech.co.il>
Subject: Re: How do I balance bandwidth over several virtual NICs?
In-reply-to: <CAJ-Vmo=NGGkOkPWQKZ=3gA3vYYyM2kcjd3m85ymdJY3q4ixxLw@mail.gmail.com>
X-012-Sender: eliezer-111@012.net.il
To: freebsd-net@freebsd.org
Message-id: <5421621F.2070504@ngtech.co.il>
MIME-version: 1.0
Content-type: text/plain; charset=windows-1252; format=flowed
Content-transfer-encoding: 7bit
References: <DUB125-W13FDC584F5DF9881CF5FDEBCB30@phx.gbl>
 <CA+P_MZGA_uz_H_QsB+dgXEgbXNCjv7w-OToKby=ww+vKgnU4_Q@mail.gmail.com>
 <DUB125-W851F972702452D9809C8E5BCB30@phx.gbl>
 <CAJ-Vmo=NGGkOkPWQKZ=3gA3vYYyM2kcjd3m85ymdJY3q4ixxLw@mail.gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.1.1
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Sep 2014 12:05:54 -0000

Just wanted to make sure I understand the issue:
Snort is not utilizing from some reason the CPU by not threading or by 
something else with the NIC configuration?
 From my point of view Snort has to do the changes and not the OS, am I 
misunderstanding something?

Thanks,
Eliezer

On 09/22/2014 10:46 PM, Adrian Chadd wrote:
> Hi,
>
> Yes.
>
> * grab an ixgbe NIC and the -HEAD driver; (or cxgbe - I haven't gone
> and written RSS programming code for that just yet);
> * patch it to use a symmetric RSS key;
> * configure up N queues;
> * run an instance of snort on each TX/RX ring from the NIC.
>
> The last step requires that you have snort use netmap rather than just
> straight bpf - or maybe somehow there's a way to glue bpf into a
> single netmap ring.
>
> I haven't wrapped all of this up and thrown it into FreeBSD-HEAD yet,
> but i know that a symmetric RSS key works fine on 82599 hardware with
> a fixed driver.
>
>
> -a