OPNsense Forum

Archive => 16.1 Legacy Series => Topic started by: Kuragari on February 29, 2016, 06:56:13 pm

Title: IPS Stability ?
Post by: Kuragari on February 29, 2016, 06:56:13 pm
Hello, i have a little problem with IPS mode.

With only IDS activated everything work correctly (i try simply ICMP on my domaine name), result :
--- yannqueniart.com ping statistics ---
91 packets transmitted, 91 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 9.564/11.063/35.916/2.849 ms

If i check IPS i lost packet, same test :
--- yannqueniart.com ping statistics ---
79 packets transmitted, 71 packets received, 10.1% packet loss
round-trip min/avg/max/stddev = 9.479/59.938/2452.720/307.091 ms

In System --> parameters --> network, i have check that (as asked) :

I don't do other thing than activated IPS mode, no more rulesets.

I think i have enough CPU power and memory (Atom Quad core 1,86Ghz and 4Gb RAM).
My LAN is : re0: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet>
My WAN is : re1: <RealTek 8169/8169S/8169SB(L)/8110S/8110SB(L) Gigabit Ethernet>

Somebody have the same problem ?
Title: Re: IPS Stability ?
Post by: franco on March 01, 2016, 08:20:19 am
My guess would be inherent issues with re(4) NICs, although I've seen netmap(4) do this on other NICs too back in 2014. I don't know if this is still the case.
Title: Re: IPS Stability ?
Post by: Kuragari on March 02, 2016, 06:21:36 pm
Hi, I confirm, it is a card problem...... (Don't like Realtek)

I put an Intel Pro/1000 Gigabit NIC PCI-X in my PCI slot (that work, the card can work in 32 bits mode, 33Mhz).

Now IPS mode work without problem.  :)
Title: Re: IPS Stability ?
Post by: franco on March 03, 2016, 08:03:18 am
Okay, thanks for reporting back. :)