"
When I have tried to increase max table entries above 1 million, they do not increase and when I go back to the settings page it is still at 1 million. Has a limit been implemented?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
26.1 Series / Max table entries does not go above 1 million regardless of what it is set to
Today at 02:04:17 AM #2
25.1, 25.4 Legacy Series / Suricata in IPS mode fails to start after 25.1.11 upgrade w/ RSS.
July 21, 2025, 03:45:23 PM
Greetings,
I am having issues with Suricata allocating host-rings after an upgrade to 25.1.11. This was working before an upgrade of OPNsense from version 25.1.6_4.
I am running RSS.
2025-07-20T04:12:28 Error suricata [105418] <Error> -- opening devname netmap:ix1-0/R@conf:host-rings=8 failed: Invalid argument
OPNsense 25.1.11-amd64
FreeBSD 14.2-RELEASE-p4
OpenSSL 3.0.17
Intel(R) Atom(TM) CPU C3758 @ 2.20GHz (8 cores, 8 threads)
dev.ix.1.%desc: Intel(R) X553 N (SFP+)
net.inet.rss.bucket_mapping: 0:0 1:1 2:2 3:3 4:4 5:5 6:6 7:7
net.inet.rss.enabled: 1
net.inet.rss.debug: 0
net.inet.rss.basecpu: 0
net.inet.rss.buckets: 8
net.inet.rss.maxcpus: 64
net.inet.rss.ncpus: 8
net.inet.rss.maxbits: 7
net.inet.rss.mask: 7
net.inet.rss.bits: 3
net.inet.rss.hashalgo: 2
hw.bxe.udp_rss: 0
hw.ix.enable_rss: 1
net.isr.numthreads: 8
net.isr.maxprot: 16
net.isr.defaultqlimit: 256
net.isr.maxqlimit: 10240
net.isr.bindthreads: 1
net.isr.maxthreads: 8
net.isr.dispatch: hybrid
Configuration:
Setting Current Limit
Thread count 8 8
Default queue limit 256 10240
Dispatch policy hybrid n/a
Threads bound to CPUs enabled n/a
Netstat also properly delays 8 queues.
Anyone have any ideas that aren't turning off RSS? I believe that netmap is going to want a host ring per queue if there are muliple queues, but frankly getting a bit out of my depth here. Any assistance would be appreciated.
Thanks.
I am having issues with Suricata allocating host-rings after an upgrade to 25.1.11. This was working before an upgrade of OPNsense from version 25.1.6_4.
I am running RSS.
2025-07-20T04:12:28 Error suricata [105418] <Error> -- opening devname netmap:ix1-0/R@conf:host-rings=8 failed: Invalid argument
OPNsense 25.1.11-amd64
FreeBSD 14.2-RELEASE-p4
OpenSSL 3.0.17
Intel(R) Atom(TM) CPU C3758 @ 2.20GHz (8 cores, 8 threads)
dev.ix.1.%desc: Intel(R) X553 N (SFP+)
net.inet.rss.bucket_mapping: 0:0 1:1 2:2 3:3 4:4 5:5 6:6 7:7
net.inet.rss.enabled: 1
net.inet.rss.debug: 0
net.inet.rss.basecpu: 0
net.inet.rss.buckets: 8
net.inet.rss.maxcpus: 64
net.inet.rss.ncpus: 8
net.inet.rss.maxbits: 7
net.inet.rss.mask: 7
net.inet.rss.bits: 3
net.inet.rss.hashalgo: 2
hw.bxe.udp_rss: 0
hw.ix.enable_rss: 1
net.isr.numthreads: 8
net.isr.maxprot: 16
net.isr.defaultqlimit: 256
net.isr.maxqlimit: 10240
net.isr.bindthreads: 1
net.isr.maxthreads: 8
net.isr.dispatch: hybrid
Configuration:
Setting Current Limit
Thread count 8 8
Default queue limit 256 10240
Dispatch policy hybrid n/a
Threads bound to CPUs enabled n/a
Netstat also properly delays 8 queues.
Anyone have any ideas that aren't turning off RSS? I believe that netmap is going to want a host ring per queue if there are muliple queues, but frankly getting a bit out of my depth here. Any assistance would be appreciated.
Thanks.
Pages1
