OPNsense Forum

English Forums => Hardware and Performance => Topic started by: Linwood on April 19, 2022, 06:53:32 pm

Title: HyperV NIC Performance - Any point in pursuing?
Post by: Linwood on April 19, 2022, 06:53:32 pm
I have HyperV running on a Windows 10 desktop, which right now is my home "server" for doing security video, automation, etc.   It is largely loafing.

I set up a HyperV VM with OPNsense trunking in the internet and (6 or so) VLAN's needed, and got a basic configuration working in place of my current router/firewall (OpenWRT).  Very cool it worked, though I have a LOT of configuration to do.

I noticed the performance is rather bad.  This is expected, I have only one NIC (available) and it also is running management, so both WAN and LAN VLAN's and management are all on that one NIC (another NIC is dedicated to video).  I could buy more NIC's, but....

Has anyone pursued using (Windows 10) HyperV as a host for OPNsense and gotten good performance from it?   Is it worth buying another couple Intel NIC's, or is this just a silly direction, and I need to buy a good mini-PC?

For perspective I got about 80mbs download off a 350mbs internet (i.e. OpenWRT can do 350mbs).  Again this was among the worst possible setup, so that is not surprising.  My question is whether it is worth even pursuing?

Secondary question: If I put in real hardware, could I migrate the configuration (given the device names change) to HyperV as a backup server, either in a HA mode or just manual migration of setups?   Or is it necessary to configure separately because of different interface names (and maybe other stuff due to hardware)?

Thanks,

Linwood
Title: Re: HyperV NIC Performance - Any point in pursuing?
Post by: Linwood on April 19, 2022, 09:49:19 pm
Well, I think I can answer half my question - pfSync can't be used to sync dissimilar setups.
Title: Re: HyperV NIC Performance - Any point in pursuing?
Post by: Linwood on April 24, 2022, 08:47:42 pm
I have been exploring OPNsense more and more, and once I had a completely working system, tried taking it to HyperV to see if I had a viable backup.

The short version is it is very viable.  I just moved back to HyperV and it nicely keeps up with my 350mbs down Comcast link.

The longer version is that the migration is a bit tedious as I only have one NIC on the HyperV.  I may order a second, though the workarounds are not too bad.  In case these hints help anyone else:

To trunk into a VLAN aware OS like opnsense on HyperV you need powershell like this:

Code: [Select]
Set-VMNetworkAdapterVlan -VMName OPNsense -Trunk -AllowedVlanIdList "131,132,134,136,137,300" -NativeVlanID 1
I use VLAN1 as LAN, 13x for special purposes, and 300 for the internet link to my cable modem.   

To make the cable modem fail over gracefully, I also set a static mac address on the HyperV switch (for this VM) that matches the physical hardware OPnsense normally uses for the internet:

Code: [Select]
set-vmnetworkadapter -vmname opnsense -name "Network Adapter" -staticmacaddress yo-ur-ma-ca-dd-re -MACAddressSpoofing On
Otherwise I find I have to reload the cable modem and it takes a long time to pull an address; use the same MAC it's immediate.

When I want to migrate over I roughly do this:


Details will vary depending on config, in my case VLAN300 was a separate NIC on the physical so the find/replace did not succeed, I had to manually add that VLAN in interface assignment (shell) and it seemed OK, but I think you definitely need the same number of physical NIC's to make this easy.

I have not tried passthru mode as I don't have enough NIC's, but given the modest needs I have with a 350mbs circuit, I see no difference in performance yet even with one NIC.  Previously when I tried it, it was really slow, but I think that was an extra (old) switch in the mix between the cable modem and OPNsense.  Or maybe a bad OPNsense configuration, as I was really new to it.

It's very cool really to be able to back up physical hardware with a HyperV instance in a pinch.