4. Suricata inline causing interface restart

Suricata inline causing interface restart

  • N

    I'm running into an issue with the Netgate XG-7100 and Suricata in inline mode. Suricata seems to be filling up the buffer of the NIC and causing the VLAN LAGG interface to restart constantly. I've disabled the hardware offloading options in advanced -> networking, and reduced the rules to only some of the Emerging Threats ruleset categories but I'm still running into this.

    I'm running VLANs and I've read that turning off vlanhwfilter on the interface can help, but I'm not sure how this will affect the VLANs. Does anyone know if this will help? Or will it affect the VLANS?

    Or does the XG-7100 just not have the processing power to keep up with Suricata and about 100 networked clients?

    Thanks!

    0

  • If you have Intel NICs, then see if any of the suggestions in this Sticky Post will help you.

    As for disabling hardware VLAN filtering, see this thread: https://forum.netgate.com/topic/117547/vlan-hardware-filtering.

    0
  • N

    I've tried most of that thread, but no luck. Looks like CPU just can't keep up. Thanks for the suggestions!

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy