Hello, i have a little problem with IPS mode.
With only IDS activated everything work correctly (i try simply ICMP on my domaine name), result :
--- yannqueniart.com ping statistics ---
91 packets transmitted, 91 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 9.564/11.063/35.916/2.849 ms
If i check IPS i lost packet, same test :
--- yannqueniart.com ping statistics ---
79 packets transmitted, 71 packets received, 10.1% packet loss
round-trip min/avg/max/stddev = 9.479/59.938/2452.720/307.091 ms
In System --> parameters --> network, i have check that (as asked) :
- Disable hardware checksum offload
- Disable hardware TCP segmentation offload
- Disable hardware large receive offload
I don't do other thing than activated IPS mode, no more rulesets.
I think i have enough CPU power and memory (Atom Quad core 1,86Ghz and 4Gb RAM).
My LAN is : re0: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet>
My WAN is : re1: <RealTek 8169/8169S/8169SB(L)/8110S/8110SB(L) Gigabit Ethernet>
Somebody have the same problem ?
My guess would be inherent issues with re(4) NICs, although I've seen netmap(4) do this on other NICs too back in 2014. I don't know if this is still the case.
Hi, I confirm, it is a card problem...... (Don't like Realtek)
I put an Intel Pro/1000 Gigabit NIC PCI-X in my PCI slot (that work, the card can work in 32 bits mode, 33Mhz).
Now IPS mode work without problem. :)
Okay, thanks for reporting back. :)