4. Suricata inline causing interface restart

Suricata inline causing interface restart

  • N

    I'm running into an issue with the Netgate XG-7100 and Suricata in inline mode. Suricata seems to be filling up the buffer of the NIC and causing the VLAN LAGG interface to restart constantly. I've disabled the hardware offloading options in advanced -> networking, and reduced the rules to only some of the Emerging Threats ruleset categories but I'm still running into this.

    I'm running VLANs and I've read that turning off vlanhwfilter on the interface can help, but I'm not sure how this will affect the VLANs. Does anyone know if this will help? Or will it affect the VLANS?

    Or does the XG-7100 just not have the processing power to keep up with Suricata and about 100 networked clients?

    Thanks!

    0

  • If you have Intel NICs, then see if any of the suggestions in this Sticky Post will help you.

    As for disabling hardware VLAN filtering, see this thread: https://forum.netgate.com/topic/117547/vlan-hardware-filtering.

    0
  • N

    I've tried most of that thread, but no luck. Looks like CPU just can't keep up. Thanks for the suggestions!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy