T00:27:44 kernel 464.324372 netmap_transmit bce0 drop mbuf that needs checksum offload T00:27:49 kernel 469.475112 netmap_transmit bce0 drop mbuf that needs checksum offload T00:27:54 kernel 474.761838 netmap_transmit bce0 drop mbuf that needs checksum offload T00:28:00 kernel 479.940436 netmap_transmit bce0 drop mbuf that needs checksum offload T00:28:00 kernel 480.194945 netmap_transmit bce0 drop mbuf that needs checksum offload T00:28:05 kernel 485.572543 netmap_transmit bce0 drop mbuf that needs checksum offload T00:28:10 kernel 490.690419 netmap_transmit bce0 drop mbuf that needs checksum offload I also have IDS/IPS up and running as well as Sensei.Īfter "a while" (usually only minutes after reboot) of traffic I get the following error in the log, multiple times per second: I have "some" traffic on WAN with quite constantly 60 to 100MBit (mainly due to IP cam streams), which I consider as handeable with my setup.
Modify driver source changes with conditional compile calls to netmap functions either in existing netmap library or to functions defined in < if_iProcNorthstar_netmap.h>.I'm running OPNsense (20.7.2-amd64) with one Broadcom NetXtreme II BCM5709 for WAN (bce0) and one for LAN (bce1), further on I have 4x Intel 82580, which I use for other LANs like IoT (igb1) and Guests (igb0) etc.Netmap driver changes code#
This will contain board-specific source code functions needed to integrate to netmap
Provide newNetmap driver changes drivers#
ğamiliarize with iProc Ethernet drivers (iproc/bcmdrivers/gmac/src/et/sys, particularly et_linux.c and etcgmac.c are good places to start) (in part 2) familiarize with how driver manages NAT services in the FA, and ensure similar service is available when netmap is active. The file netmap.c contains the conditional-compile calls to the
Netmap driver changes Pc#
view the installed changes to the PC netmap version installed using e1000e Ethernet card, which has been installed on a FreeBSD PC platform and ubuntu linux. view the changes made to ixgbe_netmap_linux.h to see the best explanations for the strategies The netmap libraries are platform-independent, however these libraries require changes to the Ethernet driver (source code) in order to be integrated with the system.
Methods are needed to still provide NAT services while netmap is in operation. These services are normally autonomously managed with the standard stack and libraries. Changing the s-p gateway application is a separate project.Ī second part of this project involves making use of the NAT services in the iProc hardware (FA). This project consist of the first requirement above, integrating the Netmap libraries with the iProc Ethernet interface. The s-p gateway application needs to change to use netmap instead of NFQUEUE These changes are Ethernet-interface specific. changes must be done in the existing Ethernet drivers. The gateway target platform is the iProc Northstar+. Netmap is a new library and network interface which gives a linux application direct access to the Ethernet interface ingress and egress frames, bypassing the kernel network processing. These libraries allow the application to receive and thus modify frames targeted for other IP addresses but at the expense of cpu/kernel-stack consumption.Ī more-cpu efficient method is needed to handle the network interface of these frames. This is currently implemented using linux NFQUEUE libraries. NAT services (Ue Ip addresses are NAT-ed before leaving the SGi, and unNAT-ed when entering GTP encapsulation when sending to eNodeB, and GTP extraction/mapping when receiving from eNodeB
The SP-Gateway datapath has the responsibility of managing all the packet flows between the SGi interface and eNodeB S1U interface.