Text only | Text with Images

OPNsense Forum

English Forums => Hardware and Performance => Topic started by: Gafzgarrr on January 03, 2022, 06:09:23 PM

Title: Performance issue on APU 4d4 - don´t know why
Post by: Gafzgarrr on January 03, 2022, 06:09:23 PM
Hello Floks,

i have some strange performance issues on my Opnsense, which runs on an APU4d4 Board.

Speedtests only get me 10/8Mbit/s!
But i have 200/8 from my ISP. And this speed is accessable direkt at the bride modem Port.

I tried many trouble shooting. I stopped suricata, netflow and ntopng.
But allways the same behavior. (but CPU is not that much).

Strange thing is: 5 - 10 Minutes after rebooting the system, i get my full speed (213/9Mbit/s).
After 10 Minutes it lowers to about 100Mbit, and after 15 Minutes it is 10Mibt again.

Same behavior, after i disable and enable packet filering.

There must be something in my Rules or in the pf-engine, whitch causes this issue.

Any ideas???

PS: i only use standard rules and GeoIP Filter.
Title: Re: Performance issue on APU 4d4 - don´t know why
Post by: Gafzgarrr on January 04, 2022, 10:09:00 PM
Okay small win.
i deactivated Multi-WAN in the firewall settings, since i only have one WAN.

Now Speed goes up to 30-50Mbit/s.
But not what i want in final.

---UPDATE: false information, after about 15 Minutes it is again at 12 Mbit/s
Title: Re: Performance issue on APU 4d4 - don´t know why
Post by: Northguy on January 04, 2022, 10:52:47 PM
Don't have a solution, but don't trust your figures either. I am on a 300/30 connection and can obtain full speed with a 2D4. Within LAN iPerf can almost max out my gigabit nic. Maybe recheck cables or perform a reinstall? Also check latest APU firmware
Title: Re: Performance issue on APU 4d4 - don´t know why
Post by: Gafzgarrr on January 05, 2022, 05:47:51 PM
UPDATE: found out, that i have an 88% block-rate.
all IPv6 ICMP Packets.
How can i block those packets without disturbing my system?
Title: Re: Performance issue on APU 4d4 - don´t know why
Post by: Northguy on January 05, 2022, 10:40:48 PM
What is in your rule? BLOCK or REJECT? If it is REJECT, change it to BLOCK.

https://docs.opnsense.org/manual/firewall.html

Are you using IPv6? If not, disable IPv6 altogether (on the interface)
Title: Re: Performance issue on APU 4d4 - don´t know why
Post by: Gafzgarrr on January 06, 2022, 01:09:50 PM
i don´t use IPv6.
The block rules are automatic since i deny v6 unter Firewall/Settings/advanced

v6 is not configurated on my WAN-interface. But i get flooded by ICMPv6 Broadcast packets.
Title: Re: Performance issue on APU 4d4 - don´t know why
Post by: Northguy on January 06, 2022, 06:11:11 PM
I fail to see why you should see such traffic if you do not use IPv6 and have IPv6 disabled on all interfaces
Title: Re: Performance issue on APU 4d4 - don´t know why
Post by: Patrick M. Hausen on January 06, 2022, 07:16:15 PM
These are IPv6 multicast packets transported over layer 2 broadcast. So they arrive at the interface whether one wants them or not. I'd take that to the ISP at this point of the discussion.
Title: Re: Performance issue on APU 4d4 - don´t know why
Post by: Gafzgarrr on January 07, 2022, 08:32:21 PM
hey guys,

ISP says this is normal.
Do you think so?
(see Pictures)
Text only | Text with Images