High CPU load on Soekris 6501 (1GHz Atom)

knakkergaard

Hey,

I've just installed a Soekris 6501 at a school with 80 students and 50 Mbit, but I am surprised over the high CPU-usage (See image). The router runs Captive Portal and a few firewall rules and Squid Guard for blocking Facebook.

The plan was also to install Snort for detection of P2P, but it seems that there is no more CPU power left to handle that?

System Activity:
10 root 171 ki31 0K 8K RUN 72.0H 15.97% idle
11 root -68 - 0K 200K RUN 648:27 11.96% {irq262: em2:rx 0}
11 root -68 - 0K 200K WAIT 619:27 10.99% {irq256: em0:rx 0}
21206 proxy 49 0 50304K 45104K kqread 354:06 5.96% squid
8338 proxy 47 0 6348K 3388K sbwait 169:03 2.98% squidGuard
3446 root 76 0 53668K 19196K piperd 0:28 1.95% php
13 root -16 - 0K 8K - 57:06 0.00% yarrow
8619 proxy 45 0 6348K 3388K sbwait 46:51 0.00% squidGuard
11 root -68 - 0K 200K WAIT 33:33 0.00% {irq263: em2:tx 0}
11 root -68 - 0K 200K WAIT 27:32 0.00% {irq257: em0:tx 0}
8764 proxy 44 0 6348K 3388K sbwait 21:51 0.00% squidGuard
11 root -32 - 0K 200K WAIT 21:47 0.00% {swi4: clock}
55244 nobody 44 0 5556K 2880K select 20:00 0.00% dnsmasq
17366 root 44 0 4944K 2536K select 11:41 0.00% syslogd
20 root 44 - 0K 8K syncer 10:39 0.00% syncer
0 root -68 0 0K 120K - 7:55 0.00% {dummynet}
61752 root 76 20 3656K 1452K piperd 6:21 0.00% sh
11 root -68 - 0K 200K WAIT 5:33 0.00% {irq259: em1:rx 0}

rdd1.png_thumb

jimp

Try running that top command at the console and make sure no other browser windows are open to the GUI at the time. I only get ~34% by adding up the numbers I see there, 50% if you count the idle process. 50% seems a bit fishy.

Make sure your BIOS is up to date on the Soekris as well, if it was you should be seeing two CPUs (hyperthreading)

The throughput of any such device is going to be dramatically reduced by the presence of squid and snort though.

knakkergaard

Thx for answer.

Unfortunately, the Soekris Net 6501 is only a single core.

To conclude, you would not recommend me running Snort with P2P rules?

jimp

I have a net6501, it is a single core but it runs with hyperthreading so the OS should see two. I suspect you have an old BIOS with a broken MP table.

The most recent BIOS for the net6501 is v1.41a ( http://soekris.com/downloads.html )

knakkergaard

OK. Then I need to reinstall pfsense with the dualcore function?

wallabybob

@knakkergaard:

OK. Then I need to reinstall pfsense with the dualcore function?

That will upgrade the BIOS? :-)

knakkergaard

Of course not :) Will Pfsense discover the "extra" CPU by itself?

wallabybob

@knakkergaard:

Will Pfsense discover the "extra" CPU by itself?

It is some years since I looked at the relevant code but my strong recollection is that FreeBSD "discovers" only the CPUs listed in the ACPI tables (if present) or the MPTABLE (if present).

jimp

Just upgrade the BIOS and it'll come up after you reboot. No need to reinstall.