Suricata Kills down speed
-
I didnt build the Protectli FW4c. Factory built it, i will change the thermal paste though.
Im am looking up the @bmeeks recommendations for ids/ips configuration as i am new to using this aspect of the firewall and packageIntel Celeron J3710 2.6Ghz 4-cores (just realized its only clocking in at 1.6Ghz) (40C temp)
8GB ram (typo)
4x Individual Intel 2.5Gbps nic's (independent cpu lanes)
hardware encryption enabled (for OpenVPN)
1Gbps/1Gbps internetstandard PFSense Plus install 23.01 with:
Suricata (using paid OINK code from snort)(inline/workers)
OpenVPN with just 2 cellphones connected
BandwidthD for bandwitdth usage graphs
MiniUPNPd for 2 xbox's -
- PowerD activated? (high adaptive)
-
@dobby_
no powerd. should i use it even though no battery ups? -
So i put artic silver on the cpu and turned on powerd (HiAdaptive). cpu temp went down 10c dashboard still says 1.6Ghz
-
@maverikh 2.6 is the burst/turbo. 1.6 base.
https://ark.intel.com/content/www/us/en/ark/products/91532/intel-pentium-processor-j3710-2m-cache-up-to-2-64-ghz.html
As noted above look at the % CPU usage while doing your test. If it’s maxed out, it’s maxed out.
Edit: powerd will reduce the clock speed if idle. When working pfSense will show two numbers on the dashboard.
-
@steveits Thank you all, Correct me if im wrong with this....
It's safe to say that if my CPU is at 7% utilization and then I loaded Suricata, and it only jumps the CPU to roughly 16% ...its not likely the cpu will speed up and therefore having some affect on internet bandwidth.
PowerD (maximum) has no affect on CPU clock when set.
I wanted to see if bandwidth improved directly by having the CPU run full clock speed. -
@maverikh Then CPU isn’t your bottleneck. Are you using inline or legacy/default mode? I skimmed the above, didn’t see the NICs posted?
-
@steveits Inline workers.
Intel 2.5Gbps nic's x4 ports I think its the I225-V
Protectli FW4C -
no powerd. should i use it even though no battery ups?
If you use it (powerD high adaptive) and your internet
traffic goes under higher load and the CPU is not
scaling up (turn up to higher GHz), this will be then
the problem as I see it, and you may solve it by setting
up PowerD.So i put artic silver on the cpu
cpu temp went down 10c dashboardThe most clients (buyers) of QoTom, Protectli,......
will do so often it first, after arriving and unpacking
as I have seen them reporting and also like you say
the temp went something between 5 C° to 10 C°
then down!What numbers you will see at the WAN port (throughput)
if you are not using suricata? I mean you said it went down
to something around 300 MBit/s, but from how much before? -
@dobby_ 1Gpbs down to now 500Mbps so i saw some improvement
-
@maverikh said in Suricata Kills down speed:
1Gpbs down to now 500Mbps so i saw some improvement
Are you using PPPoE on that internet account? If so your
pfSense will be nailed or pinned to one CPU core!!! If not
the entire WAN load will be balanced over all CPU cores
pending on your settings, your NIC (support it or not) and
also the amount and size of queues that will be able to set up. 4C / 4T = 4 queues and more queues means more transported data and for sure faster throughput comes bysite -
@dobby_ Its fiber to the modem ONT, 1Gbps/1Gbps synchronis. not ppoe. Gateway based
-
@maverikh said in Suricata Kills down speed:
Its fiber to the modem ONT, 1Gbps/1Gbps synchronis. not ppoe. Gateway based
You could try out to play around with the queue amount
and also the size to get let call it something more out for
your max. throughput. -
@dobby_ Perhaps my tunables is part of issues....
