Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.
echo -n 50 > /sys/devices/system/cpu/cpufreq/ondemand/up_threshold
Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.
Another change that also does seem to work is:
echo -n 50 > /sys/devices/system/cpu/cpufreq/ondemand/up_threshold
XG115W - v20.0.3 MR-3 - Home
XG on VM 8 - v21 GA
If a post solves your question please use the 'Verify Answer' button.
Update:
I installed the Beta, and updated to 9.171.
Power consumption:
31W idle with 2 NICs plugged in @ 1gbps (Atheros NIC unplugged)
(27-29W all NICs unplugged)
31W with Iperf port 80 @ 120mbps
55W with Iperf port 80 @ 300mbps AND openssl test running (see notes below)
my expectation is that typical home power consumption would be 31W unless under heavy load. Note I am not running the HTTP proxy though.
Some basic Iperf test results are at:
http://www.astaro.org/gateway-products/hardware-installation-up2date-licensing/49427-ips-performance-tests-hardware-benchmarks-unofficial.html#post250520
William is absolutely right about the CPU throttling affecting performance.
It is so bad that I suspect even a dual-core i3 would be affected.
I had to run the openssl speed test to get the CPU to run at 3.4GHz, enabling much higher IPS throughput.
The best way to watch the CPU frequencies in Linux seem to be:
watch -n.1 'cat /proc/cpuinfo|grep MHz'
I am really surprised that snort using high CPU (70% of one core, throttled) isn't enough to trigger the CPU to run at a higher speed. I will do some research and more testing...
After the IPS tests, I turned on all of the following: Application Control (aka Network Visibility), PortScan and Flood protection, and ATP. No reduction in performance was noticed, nor did I see any of those processes (e.g. afcd) using any CPU in 'top'. I was somewhat surprised by that.
Barry
Owner: Emmanuel Technology Consulting
Former Sophos SG(Astaro) advocate/researcher/Silver Partner
PfSense w/Suricata, ntopng,
Other addons to follow
XG115W - v20.0.3 MR-3 - Home
XG on VM 8 - v21 GA
If a post solves your question please use the 'Verify Answer' button.