Thinking to migrate to a CPU with 6 cores / 12 threads vs 4 cores / 4 threads I have today, will OPNsense take full advantage of it while using IDS/IPS/Zenarmor/Other Tool functionality? Thanks
Unfortunately, ZenArmor is still optimized for single-core performance, and full multi-core support has been a long-standing request. There have been some tentative promises in this regard, but the delivery date continues to be delayed.
but other opnsense functionality could use the multi thread cpu ?
Zenarmor multi-core support is expected to arrive in Q2 of 2025, you can follow the updates.
Quote from: IHK on September 23, 2024, 08:42:38 AM
Zenarmor multi-core support is expected to arrive in Q2 of 2025, you can follow the updates.
It would be better for the year 2040
I have a 4 core 8 thread CPU and I see the different cores kind of shuffle along, normally in pairs as different things are happening. Not really seeing multicore, more like shifting single core processing. In general, more cores = better, but this isn't a definitive answer.
Also more ram = better to a certain extent, it looks like 16GB is a pretty good level right now, Zenarmor can be a little hungry and 8GB was running 75-80% ram used until I went up to 16GB. Sometimes I'll see 56-60% in use, sometimes only 35-40% now, extra RAM is a good thing with the cost being so low. Just my personal recommendation.
Quote from: dinguz on September 22, 2024, 07:48:33 PM
Unfortunately, ZenArmor is still optimized for single-core performance, and full multi-core support has been a long-standing request. There have been some tentative promises in this regard, but the delivery date continues to be delayed.
Quote from: IHK on September 23, 2024, 08:42:38 AM
Zenarmor multi-core support is expected to arrive in Q2 of 2025, you can follow the updates.
I even opened a topic for this, it was promised to Q4 2024
https://forum.opnsense.org/index.php?topic=41295.msg202730#msg202730
Quote from: Greg_E on September 23, 2024, 07:36:39 PM
I have a 4 core 8 thread CPU and I see the different cores kind of shuffle along, normally in pairs as different things are happening. Not really seeing multicore, more like shifting single core processing. In general, more cores = better, but this isn't a definitive answer.
Also more ram = better to a certain extent, it looks like 16GB is a pretty good level right now, Zenarmor can be a little hungry and 8GB was running 75-80% ram used until I went up to 16GB. Sometimes I'll see 56-60% in use, sometimes only 35-40% now, extra RAM is a good thing with the cost being so low. Just my personal recommendation.
You can use RSS + in ZA disable pinning to only 1 CPU. This uplifts the Performance a bit.
Regards,
S.
Yes, I think you suggested unpinning to another person and I quickly went and made the change to mine. I think this is why I see the core temps kind of move around, but they always do this in pairs of threads, so SMP may not really be happening in the way that we have become accustomed to seeing it used. It's fast enough for me right now, but I'd like to see the mutlithreaded version added.
Quote from: yeraycito on September 23, 2024, 06:50:36 PM
Quote from: IHK on September 23, 2024, 08:42:38 AM
Zenarmor multi-core support is expected to arrive in Q2 of 2025, you can follow the updates.
It would be better for the year 2040
Sorry for the inconvenience, but we had to prioritize working on other features.
Quote from: IHK on September 24, 2024, 03:24:22 PM
Quote from: yeraycito on September 23, 2024, 06:50:36 PM
Quote from: IHK on September 23, 2024, 08:42:38 AM
Zenarmor multi-core support is expected to arrive in Q2 of 2025, you can follow the updates.
It would be better for the year 2040
Sorry for the inconvenience, but we had to prioritize working on other features.
If I enable other services like AdGuard Home, will the multi-core capabilities of FreeBSD be leveraged? Meaning AdGuard Home service, will run on a different core than the cores being used by Zenarmor and OPNsense itself ? Thank you
Yes,
even if ZA is limited only to 1 core, usually by default its pinned and will run on cpu2 (can be unpinned and will then jump across all cores but still this is not a multicore functionality, ZA can not run paraller on several cores or threads). The rest of the system will use all cores, meaning OPNsense itself or other plugins will not be pinned to only the same core as ZA.
However you need to understand as ZA is not supporting multicore, the throughput its heavy dependent on the speed of a single CPU. And usually will give you only 1G throughput. The more feature heavy is your OPNsense deployment the less is the throughput when using ZA.
Regards,
S.
Thank you, I appreciate the information