Ethernet Card Issues (Suggestions of new NIC hardware)
Vaha
I noticed that every single card we had with our hardware has been having issues since it couldn't handle the amount of traffic received.
Our server is able to last for 30 minutes and just crash (kernel) and not come back up again.
My question is to all of the users using Security Onion is to which hardware is the best one you have used in your environment that can support up to 2000 machines without crashing.
Hardware suggestions are much appreciated. If you know of any models that are Gigabit and support Ubuntu natively I would greatly appreciate it.
Thanks,
Vaha
Doug Burks
Most users report good experiences with Intel NICs.
However, if you're having kernel panics, are you sure it is the NIC?
Have you run full diagnostics on your server hardware?
How much RAM do you have?
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/groups/opt_out.
--
Doug Burks
Vaha
So I currently have a system that has 2 quad core CPU and 16GB of RAM. I did all of the diagnostics on the hardware and didn't receive any errors.
So I think it has to be my Ethernet card since we get about 2-3GB of traffic in less than 5 minutes.
So if you have any suggestions on an Intel model that can withstand a large amount of traffic, I would be glad to go and purchase it.
Thanks,
Vaha
Greg Williams
Michal Purzynski
be great, like this (there are also 2 ports versions and one accepting
different optics, so choose wisely)
http://ark.intel.com/products/39773/Intel-Ethernet-Converged-Network-Adapter-X520-SR1
For the 1Gbit I had good experiences with
http://www.intel.com/content/www/us/en/network-adapters/gigabit-network-adapters/pro-1000-pt-dp.html
(which is also ridiculously cheap and you have two ports).
Doug Burks
> Hello Doug,
>
> So I currently have a system that has 2 quad core CPU and 16GB of RAM.
Vaha
Intel Xeon E5620 Two 2.40 GhZ Quad Core Processors (8 physical cores, 16 cores with Hyper-Threading)
We actually have 64GB of memory DDR3 with 1066 MHz. My mistake!
So we will have to look at a Gigabit Ethernet adapter. The Intel Pro series have reached end of life what Michael P. stated. What is their newest model with the highest level of cores?
I also want to know if we get a dual Gigabit port card, is there a possibility to use both ports as load balancers?
Thanks,
Vahidin
Michal Purzynski
> Ok so here are a bit more updated specs on this machine.
>
> Intel Xeon E5620 Two 2.40 GhZ Quad Core Processors (8 physical cores, 16 cores with Hyper-Threading)
> We actually have 64GB of memory DDR3 with 1066 MHz. My mistake!
> So we will have to look at a Gigabit Ethernet adapter. The Intel Pro series have reached end of life what Michael P. stated. What is their newest model with the highest level of cores?
balancing for you. Either a specialized device (like NetOptics
xDirector) or ask your network vendor.
>
> Thanks,
>
> Vahidin
>
MattH
Along this line of discussion, would any PF_RING module reconfiguration/rebuild be required in order to replace an existing NIC (Broadcom on this case) with a new Intel e1000?
thanks,
Matt