NSX Network Detection and Response - SNIFFING: Warning: IOMMU enabled in the kernel boot options but not supported
search cancel

NSX Network Detection and Response - SNIFFING: Warning: IOMMU enabled in the kernel boot options but not supported

book

Article ID: 323928

calendar_today

Updated On:

Products

VMware

Issue/Introduction

After upgrading hosted sensors to version 1380, lastline_test_appliance reports: 
> SNIFFING: Warning: IOMMU enabled in the kernel boot options but not supported

And monitoring logs show this warning:

image.png

Resolution

IOMMU support is not enabled on the VM settings.

To fix it, on the ESXi host or vSphere go to VM > Settings > CPU > IOMMU

image.png

Enabling IOMMU support will increase drastically the performance of the sniffing interfaces.

With sensor 1380 we have switched the appliance to a different architecture based on the Intel DPDK framework. This leads to significant changes in appliance behavior when it comes to sniffing appliances.

Note:

  • IOMMU setting is only effective for virtual hardware 14 (ESXi 6.7 and later).
image.png

Additional Information

Note: This article is applicable to the standalone NSX Network Detection and Response product (formerly Lastline) and is not intended to be applied to the NSX NDR feature of NSX-T.

Powered by Wolken Software