Please include the following information with your help request:
- Suricata version
- Operating system and/or Linux distribution
- How you installed Suricata (from source, packages, something else)
Hello everyone,
I’m running Suricata version 8.0.2 on a Dell R730 with 256GB of RAM (PoC hardware) with Rocky Linux 10, installed from packages.
It’s configured in IPS mode:
-
interface: eno1
cluster-id: 100
cluster-type: cluster_flow
defrag: yes
copy-mode: ips
copy-iface: eno4
threads: auto
use-mmap: yes
tpacket-v3: yes
ring-size: 4096
block-size: 262144 -
interface: eno4
cluster-id: 101
cluster-type: cluster_flow
defrag: yes
copy-mode: ips
copy-iface: eno1
threads: auto
use-mmap: yes
tpacket-v3: yes
ring-size: 4096
block-size: 262144
Unfortunately, when I put it online, it breaks the connections of some applications (SAP, for example, which times out after about ten minutes).
Is this a known issue ?
Thanks
Spleef