Errors out on VLAN interfaces with Suricata/netmap

Started by LeBleu, March 03, 2022, 03:21:58 PM

March 03, 2022, 03:21:58 PM Last Edit: March 03, 2022, 03:53:00 PM by LeBleu
Hello,

I have a lot of "errors out" on interfaces with VLANs when Suricata/netmap is enabled. The error count increments continuously, and it's worse under high load (>800Mbps).

My setup:

  • version 22.1.2
  • Proxmox VM
  • 2 interfaces: WAN and LAN, both with VirtIO

The parent interface is assigned and enabled; all hardware offloading is off, including VLAN filtering. Suricata is enabled on the parent interface.
I have no errors on the parent interface nor on WAN (no VLAN on WAN).
I tested with Intel E1000 instead of VirtIO without luck; errors are still counting.

Are there any tunables or settings to change to avoid those errors?

If you need more information, logs, or dumps, I can provide them.

I plan to buy an OPNsense appliance. Does anyone use it with VLANs and Suricata without errors on the appliance?

Best Regards,

Hi,
I received and configured my new OPNsense DEC850 appliance.
I thought that with OPNsense Business Edition and certified hardware it would be better, but no, I still have the issue with errors out.

New configuration:
- OPNsense appliance DEC850
- igb interfaces
- OPNsense Business 21.10.3

Maybe Suricata/netmap needs to be tweaked to allow full speed with VLAN tags?
There is a field "default packet size" in the Suricata advanced parameters. I suppose packets with a VLAN tag are larger than normal; should I change this parameter?