Low Performance
| Device | Vanilla Linux Bridge Only | Linux nProbe IPS | Vanilla FreeBSD Bridge Only | FreeBSD nProbe IPS |
|---|---|---|---|---|
| PC Engines APU2 | 550 Mbps | 600 Mbps | 1 Gbps | 120 Mbps |
| Intel E3 | 10 Gbps / 1.8 Mpps | 10 Gbps / 2.4 Mpps |
System Configuration
With indexing and PCAP compression enabled:
- Performed on both Linux and FreeBSD, using a low-end computer or mid-range PC.
- Tests have been performed on the following conditions:
- Linux IPS mode has been tested with 4 queues using a netfiter configuration named “kernel marker bypass”. This explains why nprobe in IPS mode is faster on a low-end box that the vanilla bridge.
- Under FreeBSD there is no kernel marker bypass mode, hence the performance decrease is severe when using nProbe as bridging is performed in user-space.
- Average packet size 1000 byte.