Hi everyone,
I'm seeking advice regarding a resource issue I'm facing with my OPNsense setup. Here's my situation:
I have an OPNsense cluster with two nodes, both running as VMs on Hyper-V in version 25.1.11. Each VM has 4GB RAM and 4 CPU cores. I'm currently migrating 700 OpenVPN connections from an older OPNsense cluster to this new one and WireGuard connections. So far, about 50 connections have been migrated over, but I'm already receiving intermittent notifications that the cluster's resource limits are being reached, and I'm noticing high load averages (for example, load averages of 5 over 5 minutes, or 7 over 1 minute). These high loads are not permanent but occur at seemingly random times across the entire day or whenever I trigger an ha-sync. It's mostly about 4-6 times per day outside of ha-sync where the load seems to spike.
My main question is:
How many WireGuard peers can realistically be handled by an OPNsense cluster with this hardware configuration?
Would scaling up the RAM and CPU allow me to connect more peers reliably, or is there an inherent limitation that would require expanding with an additional OPNsense cluster?
Any experiences or benchmarks from others with similar setups would be greatly appreciated.
Thanks in advance for your help!