[Bro] Linux vs FreeBSD

Michael Shirk shirkdog.bsd at gmail.com
Sat Dec 10 10:05:47 PST 2016

There are at least 2 large FreeBSD installations monitoring 10-50Gbps (one
that can scale to 100Gbps). I believe both utilize Myricom cards so from a
performance perspective, you can get the necessary performance out of

My focus has been on the low end of this (1-10Gbps) getting FreeBSD to
scale on commodity hardware, as FreeBSD 12 will have updated netmap code
for better packet I/O.

Though I live and die by BSD, it is up to you what you feel more
comfortable with, for maintenance and operations. With management tools
like Salt/Ansible/Puppet, it really is a personal/organizational preference
as to which one you use.

FreeBSD 11 has shown better network performance compared to some Linux
distros in a recent test with netperf/iperf, but the test did not cover
packet monitoring:


Michael Shirk
Daemon Security, Inc.

On Dec 10, 2016 12:31, "Clark Gaylord" <cgaylord at vt.edu> wrote:

Yeah this is probably a faq but thought I'd see if, especially with newer
bro, there's a prevailing wind. I've been running single 1gig Linux bro box
for a little over a year and it just hums along. For my Christmas project,
I'm going to upgrade to 10 gig (probably only single) and will likely
rebuild the box while I'm at it. A second 10 gig is possible in the future.
I'm comfortable with both FreeBSD and Linux and will have Myricom 10 gig
NIC. Thoughts/suggestions regarding implementation choices?

Clark Gaylord
cgaylord at vt.edu
... autocorrect may have improved this message
    brevity should not be interpreted as curtness ...

Bro mailing list
bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20161210/c3f514e4/attachment.html 

More information about the Bro mailing list