Hi everyone,
I'm fairly new to OPNSense and Zenarmor. When setting up Zenarmor for the first time and selecting interfaces in Routed Mode with native netmap driver I receive the attached warning message. I've read the documentation from the links it provides but I still don't understand what exactly makes my deployment incompatible.
Some details about my setup:
- OPNsense is version 23.1.11 and Zenarmor version is 1.13.2
- The interfaces are VLAN subinterfaces on a lagg interface which also has receive side scaling enabled
- Hardware CRC, TSO, LRO and VLAN filtering are all disabled
- hw.ixl.enable_head_writeback is disabled
- I am running an Intel XL710-AM1 which uses the ixl driver in FreeBSD. I am not using the driver that comes with OPNsense, but the latest one from Intel instead:
[admin@lonrtr01 ~]$ sysctl -a | grep -E 'dev.(ix).*.%desc:'
dev.ixl.3.%desc: Intel(R) Ethernet Connection 700 Series PF Driver, Version - 1.12.40
dev.ixl.2.%desc: Intel(R) Ethernet Connection 700 Series PF Driver, Version - 1.12.40
dev.ixl.1.%desc: Intel(R) Ethernet Connection 700 Series PF Driver, Version - 1.12.40
dev.ixl.0.%desc: Intel(R) Ethernet Connection 700 Series PF Driver, Version - 1.12.40
I had thought that Zenarmor supported the ixl driver natively now and I wouldn't need to install a different kernel on OPNsense for example. Am I mistaken? Or is it something else I've done?
I would appreciate it if anyone could help improve my understanding of the situation. Thanks!
I have been using the X710-DA2 for two years now. It works perfectly well in native mode, using OPNsense on a Proxmox host with SR-IOV virtual interfaces (iavf) here. Stock drivers though, in Proxmox and OPNsense.
The good folks from Zenarmor support recommended to get a ixl interface back when I asked them about which NIC to buy.