English Forums > Zenarmor (Sensei)

Sensei seems to choke when enabled on LAN with LAGG

(1/1)

BondiBlueBalls:
Hey, all. I currently have a Protectli FW6E (i7, 16Gb RAM, etc...) running 21.7.3_3 with a 4x1gb LAGG for my LAN. I also have multiple VLANs on the LAGG. Everything runs great until I enable Sensei on the LAN. It looks like NMAP is going crazy and my network drops, or at least it stops routing traffic. I've included logs of the event, so I hope they help.


--- Code: ---2021-10-07T06:41:06 configctl[43225] event @ 1633606866.26 exec: system event config_changed
2021-10-07T06:41:06 configctl[43225] event @ 1633606866.26 msg: Oct  7 06:41:06 OPNsense.<redacted>.local config[73496]: [2021-10-07T06:41:06-05:00][info] config-event: new_config /conf/backup/config-1633606866.2622.xml
2021-10-07T06:39:47 configctl[43225] event @ 1633606786.67 exec: system event config_changed
2021-10-07T06:39:47 configctl[43225] event @ 1633606786.67 msg: Oct  7 06:39:46 OPNsense.<redacted>.local config[71815]: [2021-10-07T06:39:46-05:00][info] config-event: new_config /conf/backup/config-1633606786.6651.xml
2021-10-07T06:39:47 configctl[43225] event @ 1633606786.67 msg: Oct  7 06:39:46 OPNsense.<redacted>.local config[6171]: [2021-10-07T06:39:46-05:00][info] config-event: new_config /conf/backup/config-1633606786.4508.xml
2021-10-07T06:39:43 configctl[43225] unable to connect to configd socket (@/var/run/configd.socket)
2021-10-07T06:39:43 configctl[43225] event @ 1633606783.20 exec: system event config_changed
2021-10-07T06:39:43 configctl[43225] event @ 1633606783.20 msg: Oct  7 06:39:43 OPNsense.<redacted>.local config[71483]: [2021-10-07T06:39:43-05:00][info] config-event: new_config /conf/backup/config-1633606783.2.xml
2021-10-07T06:39:31 configctl[43225] event @ 1633606770.99 exec: system event config_changed
2021-10-07T06:39:31 configctl[43225] event @ 1633606770.99 msg: Oct  7 06:39:30 OPNsense.<redacted>.local config[19626]: [2021-10-07T06:39:30-05:00][info] config-event: new_config /conf/backup/config-1633606770.9875.xml
2021-10-07T06:38:31 kernel 711.544028 [1035] generic_netmap_dtor       Emulated netmap adapter for lagg0 destroyed
2021-10-07T06:38:31 kernel 711.536134 [ 295] generic_netmap_unregister Emulated adapter for lagg0 deactivated
2021-10-07T06:17:55 eastpect[40592] nm1::lagg0^: permanently promiscuous mode enabled
2021-10-07T06:17:55 kernel 475.873786 [ 320] generic_netmap_register   Emulated adapter for lagg0 activated
2021-10-07T06:17:55 kernel 475.864627 [1130] generic_netmap_attach     Emulated adapter for lagg0 created (prev was NULL)
2021-10-07T06:17:55 kernel 475.855942 [1035] generic_netmap_dtor       Emulated netmap adapter for lagg0 destroyed
2021-10-07T06:17:55 kernel 475.847007 [1130] generic_netmap_attach     Emulated adapter for lagg0 created (prev was NULL)
2021-10-07T06:17:55 eastpect[40592] nm0::lagg0: permanently promiscuous mode enabled
2021-10-07T06:17:52 configctl[43225] event @ 1633605472.12 exec: system event config_changed
2021-10-07T06:17:52 configctl[43225] event @ 1633605472.12 msg: Oct  7 06:17:52 OPNsense.<redacted>.local config[80477]: [2021-10-07T06:17:52-05:00][info] config-event: new_config /conf/backup/config-1633605472.1212.xml
2021-10-07T06:17:52 configctl[43225] event @ 1633605472.12 msg: Oct  7 06:17:51 OPNsense.<redacted>.local config[80477]: [2021-10-07T06:17:51-05:00][info] config-event: new_config /conf/backup/config-1633605471.8777.xml
2021-10-07T06:17:52 configctl[43225] event @ 1633605472.12 msg: Oct  7 06:17:51 OPNsense.<redacted>.local config[39751]: [2021-10-07T06:17:51-05:00][info] config-event: new_config /conf/backup/config-1633605471.4335.xml
2021-10-07T06:17:52 configctl[43225] event @ 1633605472.12 msg: Oct  7 06:17:51 OPNsense.<redacted>.local config[80477]: [2021-10-07T06:17:51-05:00][info] config-event: new_config /conf/backup/config-1633605471.3604.xml
2021-10-07T06:17:52 configctl[43225] event @ 1633605472.12 msg: Oct  7 06:17:51 OPNsense.<redacted>.local config[80477]: [2021-10-07T06:17:51-05:00][info] config-event: new_config /conf/backup/config-1633605471.3471.xml
2021-10-07T06:15:09 configctl[43225] event @ 1633605309.45 exec: system event config_changed
2021-10-07T06:15:09 configctl[43225] event @ 1633605309.45 msg: Oct  7 06:15:09 OPNsense.<redacted>.local config[80477]: [2021-10-07T06:15:09-05:00][info] config-event: new_config /conf/backup/config-1633605309.449.xml
2021-10-07T06:15:09 configctl[43225] event @ 1633605309.45 msg: Oct  7 06:15:08 OPNsense.<redacted>.local config[37704]: [2021-10-07T06:15:08-05:00][info] config-event: new_config /conf/backup/config-1633605308.9967.xml
2021-10-07T06:15:09 configctl[43225] event @ 1633605309.45 msg: Oct  7 06:15:08 OPNsense.<redacted>.local config[32464]: [2021-10-07T06:15:08-05:00][info] config-event: new_config /conf/backup/config-1633605308.9241.xml
2021-10-07T06:15:09 configctl[43225] event @ 1633605309.45 msg: Oct  7 06:15:08 OPNsense.<redacted>.local config[32464]: [2021-10-07T06:15:08-05:00][info] config-event: new_config /conf/backup/config-1633605308.9107.xml
2021-10-07T06:15:09 configctl[43225] event @ 1633605309.45 msg: Oct  7 06:15:08 OPNsense.<redacted>.local config[32464]: [2021-10-07T06:15:08-05:00][info] config-event: new_config /conf/backup/config-1633605308.6668.xml
2021-10-07T06:14:02 configctl[43225] event @ 1633605242.48 exec: system event config_changed
2021-10-07T06:14:02 configctl[43225] event @ 1633605242.48 msg: Oct  7 06:14:02 OPNsense.<redacted>.local config[80477]: [2021-10-07T06:14:02-05:00][info] config-event: new_config /conf/backup/config-1633605242.4787.xml
2021-10-07T06:09:44 configctl[43225] event @ 1633604983.51 exec: system event config_changed
2021-10-07T06:09:44 configctl[43225] event @ 1633604983.51 msg: Oct  7 06:09:43 OPNsense.<redacted>.local config[67649]: [2021-10-07T06:09:43-05:00][info] config-event: new_config /conf/backup/config-1633604983.5113.xml
2021-10-07T06:09:44 configctl[43225] event @ 1633604983.51 msg: Oct  7 06:09:43 OPNsense.<redacted>.local config[56579]: [2021-10-07T06:09:43-05:00][info] config-event: new_config /conf/backup/config-1633604983.4324.xml
2021-10-07T06:09:44 configctl[43225] event @ 1633604983.51 msg: Oct  7 06:09:42 OPNsense.<redacted>.local config[34736]: [2021-10-07T06:09:42-05:00][info] config-event: new_config /conf/backup/config-1633604982.9949.xml
2021-10-07T06:09:44 configctl[43225] event @ 1633604983.51 msg: Oct  7 06:09:42 OPNsense.<redacted>.local config[34736]: [2021-10-07T06:09:42-05:00][info] config-event: new_config /conf/backup/config-1633604982.9639.xml
2021-10-07T06:09:41 syslog-ng[60118] Configuration reload finished;
2021-10-07T06:09:41 syslog-ng[60118] Configuration reload request received, reloading configuration;
2021-10-07T06:09:40 configctl[9516] event @ 1633604980.49 exec: system event config_changed
2021-10-07T06:09:40 configctl[9516] event @ 1633604980.49 msg: Oct  7 06:09:40 OPNsense.<redacted>.local config[44034]: [2021-10-07T06:09:40-05:00][info] config-event: new_config /conf/backup/config-1633604980.4902.xml
2021-10-07T06:09:40 configctl[9516] event @ 1633604980.49 msg: Oct  7 06:09:40 OPNsense.<redacted>.local config[66341]: [2021-10-07T06:09:40-05:00][info] config-event: new_config /conf/backup/config-1633604980.2259.xml
2021-10-07T06:09:39 configctl[9516] event @ 1633604979.39 exec: system event config_changed
2021-10-07T06:09:39 configctl[9516] event @ 1633604979.39 msg: Oct  7 06:09:39 OPNsense.<redacted>.local config[86167]: [2021-10-07T06:09:39-05:00][info] config-event: new_config /conf/backup/config-1633604979.3936.xml
2021-10-07T06:09:39 configctl[9516] event @ 1633604979.39 msg: Oct  7 06:09:39 OPNsense.<redacted>.local config[82305]: [2021-10-07T06:09:39-05:00][info] config-event: new_config /conf/backup/config-1633604979.315.xml
2021-10-07T06:09:39 configctl[9516] event @ 1633604979.39 msg: Oct  7 06:09:39 OPNsense.<redacted>.local config[82305]: [2021-10-07T06:09:39-05:00][info] config-event: new_config /conf/backup/config-1633604979.3001.xml
2021-10-07T06:09:39 configctl[9516] event @ 1633604979.39 msg: Oct  7 06:09:39 OPNsense.<redacted>.local config[68302]: [2021-10-07T06:09:39-05:00][info] config-event: new_config /conf/backup/config-1633604979.2185.xml
2021-10-07T06:09:28 configctl[9516] event @ 1633604967.52 exec: system event config_changed
2021-10-07T06:09:28 configctl[9516] event @ 1633604967.52 msg: Oct  7 06:09:27 OPNsense.<redacted>.local config[79051]: [2021-10-07T06:09:27-05:00][info] config-event: new_config /conf/backup/config-1633604967.5161.xml

--- End code ---

I've read a couple other threads that seem to indicate that Sensei doesn't handle LAGG very well. If anyone could shed some light on this, I'd appreciate it. I apologize if I've forgotten any relevant info.

Thanks much!

sy:
Hi,

Sensei uses netmap that is an Operating System subsystem to grab packets off the wire. Netmap is not compatible with LAGG interfaces yet. So this will occur if you use Suricata in IPS mode as well.

BondiBlueBalls:
Well, that's that. Time to move from 4x1Gb to 10Gb. Thank you for the info!

Navigation

[0] Message Index

Go to full version