Text only | Text with Images

OPNsense Forum

English Forums => 26.1, 26,4 Series => Topic started by: Nephiria on March 24, 2026, 10:27:46 AM

Title: New Rules Performance
Post by: Nephiria on March 24, 2026, 10:27:46 AM
Hi everyone,

Since I now have to adjust a lot of rules after migrating the firewall rules,
I've noticed that with the new rules, it always takes a very long time for the settings to be applied to the system. After making a change, I always have to wait about 10+ seconds per rule before I can make any further changes.
I didn't have this problem with the old rules; if I changed something, it was more or less immediately possible to edit another rule, etc.
Will anything be done to improve the performance? Because as it is, it's very unsatisfactory in that regard.
My OPNsense is running on the following hardware, which is actually more or less underutilized; on the contrary, I don't have a heavy load on it.

Intel(R) Celeron(R) N5105 @ 2.00GHz (4 cores, 4 threads) (approx. 2-5% usage, occasionally a short-term 30% spike)
16 GB RAM: 10% usage
SSD Disk: 3% usage

Many thanks and for your feedback
Title: Re: New Rules Performance
Post by: OPNenthu on March 24, 2026, 03:59:14 PM
Quote from: Nephiria on March 24, 2026, 10:27:46 AMAfter making a change, I always have to wait about 10+ seconds per rule before I can make any further changes.

Also N5105 here.  The new UI is definitely slower to load (especially on first landing due to the default 'any' view), but making rule changes is fine.  I haven't noticed this extreme of a slow down.

How many rules are we talking about?  I'm only sitting at 87 according to the UI.
Title: Re: New Rules Performance
Post by: Nephiria on March 25, 2026, 10:43:17 AM
I have around 200 rules configured.
I have several services running.
But CPU or RAM usage isn't the problem.

As mentioned, the CPU is mostly idle until the occasional 30% spike occurs.
The issue with the waiting time arises after editing each rule.

I find the performance very poor in this regard; it definitely needs improvement. The number of rules hasn't changed significantly compared to my old firewall rule system, at least not for me.

Update: Okay, I found the problem on my end, even though I hadn't changed anything. If I connect directly via IP without going through DNS and reverse proxy, then it seems to run smoothly. Although, it wasn't a problem before with the reverse proxy configuration, which is really strange. I'll experiment a bit with the reverse proxy settings on the Opnsense site.
Title: Re: New Rules Performance
Post by: franco on March 25, 2026, 10:45:27 AM
Not sure what the goalpost is here without reliable metrics regarding API calls... we have customers with thousands of rules in the new GUI because they couldn't use the old GUI due to taking minutes to load and here we talk about 200 rules and unbearable delays?


Cheers,
Franco
Text only | Text with Images