Re: [Soekris] high CPU usage for network interrupts on 4801

Sun, 16 Sep 2007 13:32:23 -0700 

On Sep 16, 2007, at 12:11 PM, Jan Hoevers wrote:

> I'm using a Soekris net4801-60 as a router, with a lan1641 in the PCI 
> slot, giving me 7 ethernet ports. I'm running pfSense 1.0.1, a routing 
> package based on FreeBSD 6.1 and PF.

> The NTP pool doesn't generate much traffic, but it comes in bursts of 
> approximately an hour. Yesterday I was closely monitoring such a 
> burst, with a bandwith of 230 kbit/sec, quite stable for about 30 
> minutes. Nothing extreme for a 4801, I would say.
> It surprised me that the Soekris was running > 50% CPU, the "top" 
> display revealed that it was almost entirely interrupt processing.

> This would mean that I will run into trouble with a NTP spike of 500 
> kbit/sec. That surprises me because I remember posts on this list 
> stating about 40 Mbit/sec throughput for a 4801.
>
> I've tried downloading a large file to the NTP machine at a much 
> higher speed (6800 kbit/sec), which takes about 75% CPU for interrupt 
> processing. I guess the small size of NTP packets is inefficient.

Yes, figures like 40Mbps are a "best case" scenario with full-size 
packets.  With small packets, the limiting factor is packets per 
second, as each one incurs processing.

> However, this 75% is stil much higher than I would expect.

That seems a bit high to me too.  What are the other 5 ethernet ports 
doing?

> I've tried moving the NTP machine from an ethernet port on the 1641 to 
> one on the 4801 board in an attempt to avoid the PCI bus, but it makes 
> little or no difference. (Maybe I'm not avoiding the PCI bus this way, 
> I'm not sure.)

You're not, it all goes over the PCI bus either way.

> I'm not a hardware or unix guru and I've run out of clues. What's 
> going wrong? Is there anything I can do? Or do I see a problem that 
> doesn't exist?
> Would it be better to leave pfSense and install FreeBSD and PF from 
> scratch?

I'll let others cover FreeBSD specifically, since I haven't done any 
testing with recent versions.  One thing that would help is getting a 
handle on what pps rates you're actually seeing, though.  I don't know 
if pfsense measures it, but you can get an idea with:
     netstat -I sis0 -w 1

(Replace sis0 with the external interface.)

_______________________________________________
Soekris-tech mailing list
[email protected]
http://lists.soekris.com/mailman/listinfo/soekris-tech

Reply via email to