OPNsense Forum

English Forums => Hardware and Performance => Topic started by: beyondnoyeb on May 19, 2020, 05:32:02 pm

Title: Question on expected performance of setup
Post by: beyondnoyeb on May 19, 2020, 05:32:02 pm
Hey all,

Been using OPNsense for a few months now and am absolutely in love. With that said, I am trying to best tune my environment for performance and seem to be hitting some issues.

Setup: (this is an older box I am repurposing)
CPU: i7-3770
Memory: 32 GB
NIC: Intel i350-t4
OPNsense: 20.1.6
VLANs: 4

I have made all changes listed in the sticky thread regarding Intel NIC tuning.

Test Case 1) Without things like Netflow (Insights), Suricata, and GeoIP, I can saturate my Verizon Fios 940/880.
Test Case 2) With Netflow / Suricata (19,000 rules set to drop, monitoring WAN and LAN interfaces) / GeoIP, my speeds are dropping down to 400/400.
Test Case 3) With Netflow / Suricata / GeoIP running but Suricata ONLY monitoring WAN, I can manage to get it back up to 800/800.

During the testing, I can see Suricata is definitely using up all 8 threads on the CPU (750-780% CPU usage) via top in test case 2. This drops down to 300-400% CPU usage in test case 3.

Is this CPU / older box simply too old to run at line rate? I don't mind investing in a newer gen; I just want to make sure that a newer-gen Xeon-type setup will run at the full line rate with everything turned on (monitoring WAN and LAN).

Thanks!

Title: Re: Question on expected performance of setup
Post by: beyondnoyeb on May 19, 2020, 11:06:43 pm
Added a test case 4 after talking to another member on a PM:

Test Case 4) Netflow monitoring all interfaces, Suricata monitoring LAN only, and GeoIP on. With this setup, for some reason I get almost equal performance to without Suricata... pushing 930-940/870-880.

Not really sure why test case 4 is better than test case 3... Also not sure if monitoring only the LAN is doing as much protection.