RSS on FreeBSD stable/12 gateway

Özkan KIRIK ozkan.kirik at gmail.com
Sun Mar 14 07:24:53 UTC 2021 

Hello Adrian,

I wonder if the current RSS code supports software mode. Is it possible to
enforce software RSS? And what about Sender Side Scaling ?

I want to assign a snort instance for each NIC queue. Snort is configured
to use netmap mode. Needs and questions are below:
- For a proper detection, both of request and response packets must enter
into same snort instance so that same NIC queue. For example 3way handshake
packets, TLS handshake packets and etc all must use same queue for both
directions.
- I'm afraid that, option RSS is only socket aware. But gateways/routers
doesnt have sockets for all connections. Is it possible to perform such
hashing and requeuing while forwarding packets?
- On receive side, is it possible to hashing & requeuing before the netmap
step?
- On sender side, is it possible to hashing & queuing before pushing in NIC
queue?

What is the right way to do this?

Özkan

On Sun, Mar 14, 2021 at 7:02 AM Adrian Chadd <adrian.chadd at gmail.com> wrote:

> On Sun, 7 Mar 2021 at 23:08, Özkan KIRIK <ozkan.kirik at gmail.com> wrote:
> >
> > Thanks,
> >
> > I wonder that, why RSS and PCBGROUP options are not enabled in GENERIC
> > kernel by default.
> > Is there any performance or stability issues?
>
> I've been running it for years at home on my desktop machine with zero
> issues.
> However, I'm likely a special case because I hacked on it for a while. ;-)
>
> Hans - which iflib intel hardware corrupted it? It's possible someone
> undid a bunch of work I did when figuring out what the heck RSS needed
> to make it actually work work, or it could be the 10/40g hardware they
> shipped that was actually really broken :(
>
>
>
> -adrian
>
> >
> > On Mon, Mar 8, 2021 at 12:26 AM Hans Petter Selasky <hps at selasky.org>
> wrote:
> >
> > > On 3/7/21 10:03 PM, Özkan KIRIK wrote:
> > > > Any suggestions to enable RSS ?
> > >
> > > I found that RSS hardware computed checksums are not correct when using
> > > iflib (intel hardware), compared to what the software expects, so
> > > traffic goes on wrong queue and gets dropped simply. Maybe you see
> > > something similar.
> > >
> > > --HPS
> > >
> > _______________________________________________
> > freebsd-net at freebsd.org mailing list
> > https://lists.freebsd.org/mailman/listinfo/freebsd-net
> > To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>

More information about the freebsd-net mailing list