Hi, I have a problem with packet drops.
When monitoring packets on ixl0 (with 17 VLANs) and 9 WireGuard interfaces, I see dev.netmap.iflib_rx_miss counter growing continuously.
During high traffic by thousands per minute.
My config: OPNsense 25.7.5-amd64, LAN - Intel X710 ixl0 parent interface, Zenarmor 2.1 routed mode with native netmap driver.
Packet drops dev.netmap.iflib_rx_miss with standard tunables:
dev.netmap.buf_num="1000000"
dev.netmap.buf_size="2048"
dev.netmap.ring_size="36864"
dev.ixl.0.iflib.override_nrxds="1024"
I tried to increase descriptor rings from 1024 to 2048 because the default 1024 was insufficient for the combination of high-throughput traffic, netmap, and VLANs. Larger rings provide more space for packet buffering at the NIC level, resulting in fewer drops.
dev.ixl.0.iflib.override_nrxds="2048"
dev.ixl.0.iflib.override_ntxds="2048"
When changing dev.netmap.buf_num or dev.netmap.buf_size, Zenarmor crashes on WireGuard interfaces with loop:
generic_netmap_attach: Emulated adapter for wg* created
generic_netmap_dtor: Emulated netmap adapter for wg* destroyed
Tested (all failed):
8M buffers + buf_size 4096
8M buffers + buf_size 2048
4M buffers + buf_size 2048
6M buffers + buf_size 4096
How to achieve connectivity without packet loss? Without Zenarmor everything works without drops.