grigorescu/steps.md

## steps.md

      
    Raw
  

              steps.md
            
          
    We're tripling down on acronyms, by using the VFIO driver, with IOMMU and SR-IOV.
Boot parameters

intel_iommu=on iommu=pt default_hugepagesz=1G hugepagesz=1G hugepages=16
Enable hugepages

echo 4096 | sudo tee /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages
mkdir -p /tmp/mnt/huge
mount -t hugetlbfs nodev /tmp/mnt/huge
chown zeek: /tmp/mnt/huge
Enable SR-IOV

echo 1 | sudo tee /sys/module/vfio_pci/parameters/enable_sriov
Bind the NIC to the correct driver

sudo dpdk-devbind.py -b vfio-pci 02:00.0
chown zeek: /dev/vfio/vfio /dev/vfio/52
Set limits

/etc/security/limit.d/24-memlock.conf:
# memlock unit: KiB
zeek hard memlock 16777216
zeek soft memlock 1048576

Then, as the Zeek user: ulimit -l 16777216