From owner-freebsd-net@FreeBSD.ORG Tue Sep 23 15:47:21 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C0895FF6 for ; Tue, 23 Sep 2014 15:47:21 +0000 (UTC) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 908C4F94 for ; Tue, 23 Sep 2014 15:47:21 +0000 (UTC) Received: from jre-mbp.elischer.org (ppp121-45-253-99.lns20.per2.internode.on.net [121.45.253.99]) (authenticated bits=0) by vps1.elischer.org (8.14.9/8.14.9) with ESMTP id s8NFlFbY036821 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 23 Sep 2014 08:47:19 -0700 (PDT) (envelope-from julian@freebsd.org) Message-ID: <542195FE.5050800@freebsd.org> Date: Tue, 23 Sep 2014 23:47:10 +0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: Eliezer Croitoru , freebsd-net@freebsd.org Subject: Re: How do I balance bandwidth over several virtual NICs? References: <5421621F.2070504@ngtech.co.il> In-Reply-To: <5421621F.2070504@ngtech.co.il> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2014 15:47:21 -0000 On 9/23/14, 8:05 PM, Eliezer Croitoru wrote: > Just wanted to make sure I understand the issue: > Snort is not utilizing from some reason the CPU by not threading or > by something else with the NIC configuration? > From my point of view Snort has to do the changes and not the OS, am > I misunderstanding something? No, but asking them to change acording to one's internal project schedule is not realistic.. so in the interest of time one has to live with (and work around) the problem. > > Thanks, > Eliezer > > On 09/22/2014 10:46 PM, Adrian Chadd wrote: >> Hi, >> >> Yes. >> >> * grab an ixgbe NIC and the -HEAD driver; (or cxgbe - I haven't gone >> and written RSS programming code for that just yet); >> * patch it to use a symmetric RSS key; >> * configure up N queues; >> * run an instance of snort on each TX/RX ring from the NIC. >> >> The last step requires that you have snort use netmap rather than just >> straight bpf - or maybe somehow there's a way to glue bpf into a >> single netmap ring. >> >> I haven't wrapped all of this up and thrown it into FreeBSD-HEAD yet, >> but i know that a symmetric RSS key works fine on 82599 hardware with >> a fixed driver. >> >> >> -a > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >