Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
Errors out on VLAN interfaces with Suricata/netmap
« previous
next »
Print
Pages: [
1
]
Author
Topic: Errors out on VLAN interfaces with Suricata/netmap (Read 1158 times)
LeBleu
Newbie
Posts: 4
Karma: 0
Errors out on VLAN interfaces with Suricata/netmap
«
on:
March 03, 2022, 03:21:58 pm »
Hello,
I have a lot of "errors out" on interfaces with VLAN when suricata/netmap is enable. Errors count increments continuously and it's worst with high load >800Mbps.
My setup :
version 22.1.2
Proxmox VM
2 interfaces: WAN and LAN, both with VirtIO
Parent interface is assigned and enabled, all hardware offloading is off including VLAN filtering. Suricata is enabled on parent interface.
I have no error on parent interface nor on WAN (no VLAN on WAN)
I tested with Intel E1000 instead of VirtIO without luck, errors are still counting.
Are there any tunables or setting to change to avoid those errors ?
If you need more informations, log, dump I can provide them.
I plan to buy an OPNSense appliance, do someone use it with VLAN and suricata without error on appliance?
Best Regards,
«
Last Edit: March 03, 2022, 03:53:00 pm by LeBleu
»
Logged
LeBleu
Newbie
Posts: 4
Karma: 0
Re: Errors out on VLAN interfaces with Suricata/netmap
«
Reply #1 on:
March 18, 2022, 02:41:22 pm »
Hi,
I received and configured my new OPNSense DEC850 appliance.
I tough that whith OPNSense Business edition and certified hardware it will be better but no, I still have issue with errors out.
New configuration :
- OPNSense appliance DEC850
- igb interfaces
- OPNSense Business 21.10.3
Maybe suricata/netmap need to be tweeked to allow full speed with vlan tag ?
There is a field "default packet size" in suricata advances parameter. I suppose packets with vlan tag are larger than normal, should I change this parameter?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
Errors out on VLAN interfaces with Suricata/netmap