Text only | Text with Images

OPNsense Forum

English Forums => Hardware and Performance => Topic started by: Gary7 on December 19, 2021, 10:36:40 PM

Title: Do we need to load certain kernel modules if we don't use the modules?
Post by: Gary7 on December 19, 2021, 10:36:40 PM
In my (misguided) attempts to get maximum performance out of OPNsense, I have a some questions about the need for certain loaded kernel modules.

I have a VERY simple home configuration: no in-bound traffic, no high-availability(CARP), no iPSEC, no tunneling of any kind, no LAGG, no PPP, and no VLAN

Is there any advantage (or disadvantage) to not loading certain modules since I won't be using them?

carp_load="NO"      #Common Address Redundancy Protocol (CARP)
if_enc_load="NO"    #encryption needed for IPSEC
if_gif_load="NO"     #generic tunnel interface
if_gre_load="NO"    #Generic Routing Encapsulation
if_lagg_load="NO"   #link aggregation and link failover
if_tap_load="NO"    #Ethernet tunnel software network interface (for virtualization?)
if_tun_load="NO"    #tunnel driver (user process ppp)
if_vlan_load="NO"   #IEEE 802.1Q VLAN network interface

As a test, I added this to /boot/loader.conf.local and rebooted.
I know that it's reading these local settings because the order of modules displayed by kldstat changes.
kernel modules moved down in the list:
13    1 0xffffffff82a2e000     6890 carp.ko
14    1 0xffffffff82a35000      d7a if_enc.ko
15    1 0xffffffff82a36000     4bba if_gre.ko
16    1 0xffffffff82a3b000     a230 if_lagg.ko
17    1 0xffffffff82a46000     30c1 if_tap.ko
and modules not loaded
    if_gif_load
    if_tun_load
    if_vlan_load

Apparently, carp, enc, gre, lagg, and tap are getting loaded later during boot.
On the dashboard, I'm getting a CARP error. Since I don't use CARP, I'm ignoring it.

Is there any possibility there would be lower kernel overhead by not loading these modules? Other, than some slight reduction of in-memory kernel size?

As a side note, FreeBSD 13 has the possibility of a VERY nice performance increase due the improvements in if_bridge and other optimizations.

Title: Re: Do we need to load certain kernel modules if we don't use the modules?
Post by: Patrick M. Hausen on December 19, 2021, 10:50:12 PM
Other than in a really tight memory situation a module that is loaded but unused does not hurt you. Are you using if_bridge? If you use it to turn an appliance with e.g. 4 Gbit ports into a switch, consider getting a small and cheap switch instead. But you are correct, vast improvements here coming in with FreeBSD 13.
Title: Re: Do we need to load certain kernel modules if we don't use the modules?
Post by: Gary7 on December 19, 2021, 10:56:46 PM
I thought that if_bridge was required for OPNsense routing and/or firewall functions.

I am only using a single WAN and a single LAN interface.
Title: Re: Do we need to load certain kernel modules if we don't use the modules?
Post by: Patrick M. Hausen on December 19, 2021, 11:54:57 PM
As long as you do not explicitly configure a bridge interface spanning multiple physical ports, you are not using it. So you are not impacted by the less than optimal performance in FreeBSD 12 and below.
Text only | Text with Images