Firewall crash if Zenarmor used with NICs supported by “em” driver

[filippo1974]

Hi, I just wanted to share my experience after some headaches getting Zenarmor working on my home firewall, in case it may be useful for anybody else.

The hardware initially used a legacy PCI Express Gigabit card based on an Intel 82547 NIC as LAN interface and the motherboard built-in Realtek 8169 as WAN. Everything was fine until I activated Zenarmor on it. Since then, the firewall would randomly crash and reboot, something like once every 20-30 minutes. Switching to emulated netmap in Zenarmor didn't improve the situation. Of course, all offload functions of the NIC cards were duly disabled. I apparently couldn't find a clear culprit. Then I read several posts about possible issues of netmap with certain drivers / NIC hardware. So I disabled the built-in Realtek NIC and swapped the old Intel 82547 NIC with a more recent Intel i350-based NIC. The latter is supported by the "igb" driver, while the older one used the "em" driver. After this swap, Zenarmor works flawlessly in native netmap mode. The i350 card spots two Ethernet ports, so I use it for both WAN and LAN interfaces.

So, if anybody out there experience random crashes/hangs/reboots, check if the NIC cards where you enabled Zenarmor uses the "em" driver and, if so, try replacing it with models supported by the "igb" driver.

Best regards,
Filippo