Hello,
we are experiencing a weird behavior in our performance tests.
We have OPNSense 22.1.6 virtualized with qemu. VM with 4 core, 3 NIC 1G with virtio (LAN, WAN, Management).
We are testing bidirectional traffic between WAN and LAN and we have a packet drops problem.
We notice these weird things:
1) the percentage of drop does not depend on the throughput, from 30Mbps to 700Mbps (Imix410 bidirectional) we have always more or less the same results:
~ 0,06% - 0,12% packet drops on both sides (LAN and WAN).
2) If we enable Suricata IDS we have 0 packet drops!!
That's sound very strange to me.
Does someone has any ideas on what's happening?
Note:
- we have Dpdk acceleration on the host.
- With OPNSense 21.6 and previous versions we had terrible performance, we couldn't go over 140Mbps Imix 410 without IDS and ~ 80Mpbs with IDS, with much more packet drops.
- The OPNSense configuration is very basic: no service active, no NAT, no rule on firewall (except for a "pass all" rule on WAN), no VLAN, no IPS.
Thanks in advance!