Bug #12607
Instability with Snort Inline with AWS Instances
Status: closed
Description
The ena driver seems to have instability when enabling inline Snort. Because AWS is behind NAT, Legacy mode is not viable, so utilizing inline is necessary. The ena driver recently added support for inline mode, but it appears that when you enable it, the interface flaps up and down.
Nov 29 08:36:14 pfSense kernel: ena0: device is going DOWN
Nov 29 08:36:14 pfSense kernel: ena0: device is going UP
Nov 29 08:36:14 pfSense kernel: ena0: Creating 2 IO queues. Rx queue size: 1024, Tx queue size: 1024, LLQ is DISABLED
Nov 29 08:36:14 pfSense kernel: ena0: device is going DOWN
Nov 29 08:36:14 pfSense kernel: ena0: device is going UP
As soon as you put Snort into IDS mode and disable blocking, the issues go away.
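The DOWN/UP flapping in the kernel messages above can be detected from a saved system log. This is an added example, not part of the original report or of pfSense; the function names, the thresholds (2 cycles within 60 seconds) and the placeholder year are assumptions, and the sample lines are constructed in the format of the quoted messages.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the format of the kernel messages quoted in the report.
SAMPLE_LOG = """\
Nov 29 08:36:14 pfSense kernel: ena0: device is going DOWN
Nov 29 08:36:14 pfSense kernel: ena0: device is going UP
Nov 29 08:36:14 pfSense kernel: ena0: Creating 2 IO queues. Rx queue size: 1024, Tx queue size: 1024, LLQ is DISABLED
Nov 29 08:36:14 pfSense kernel: ena0: device is going DOWN
Nov 29 08:36:14 pfSense kernel: ena0: device is going UP
Nov 29 09:10:02 pfSense kernel: ena1: device is going DOWN
Nov 29 09:10:03 pfSense kernel: ena1: device is going UP
"""

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ kernel: "
    r"(?P<ifname>[a-z]+\d+): device is going (?P<state>UP|DOWN)\s*$"
)

def parse_events(text, year=2000):
    """Yield (timestamp, interface, state) for each link-state line.
    BSD syslog timestamps carry no year, so a placeholder year is assumed
    (a leap year, so that Feb 29 still parses)."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["ifname"], m["state"]

def find_flapping(text, min_cycles=2, window_s=60, year=2000):
    """Return {interface: most DOWN->UP cycles seen inside one window}
    for every interface that reaches min_cycles (assumed thresholds)."""
    window = timedelta(seconds=window_s)
    last_state, cycles, worst = {}, defaultdict(deque), defaultdict(int)
    for ts, ifname, state in parse_events(text, year):
        if state == "UP" and last_state.get(ifname) == "DOWN":
            q = cycles[ifname]
            q.append(ts)                  # one completed DOWN->UP cycle
            while ts - q[0] > window:     # drop cycles outside the window
                q.popleft()
            worst[ifname] = max(worst[ifname], len(q))
        last_state[ifname] = state
    return {name: n for name, n in worst.items() if n >= min_cycles}

if __name__ == "__main__":
    print(find_flapping(SAMPLE_LOG))
```

A single DOWN/UP pair, such as the one an interface reconfiguration produces, stays below the default threshold and is not reported.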
Updated by Viktor Gurov about 2 years ago
Need to test with the latest 22.01/2.6 snapshot - ena(4) updated from 2.2.0 to 2.4.1 in FreeBSD 12.3
see https://www.freebsd.org/releases/12.3R/relnotes/
Updated by Marcos M about 2 years ago
https://github.com/pfsense/FreeBSD-src/commit/7dbcef9536b410426e8b391e721e5800f5d503b5
* Netmap support for ENAv3.
I wonder if this means that previous ENA versions do not support it, and if that's the case, what AWS instance types support ENAv3?
Updated by Kris Phillips over 1 year ago
This can likely be closed as I've seen zero complaints on newer Plus releases for Snort Inline in AWS. Likely these issues were fixed in FreeBSD upstream.
Updated by Jim Pingle over 1 year ago
- Status changed from New to Closed
- Priority changed from High to Normal