OPNsense Forum
English Forums => Hardware and Performance => Topic started by: meganie on May 22, 2022, 12:32:03 pm
-
I'm about to set up my first OPNsense instance as a virtual Proxmox machine.
For the WAN interface I'll use a PCIe passthrough NIC.
My question regards the LAN interface. I want to use LAGG with 2 NICs and I have two ideas how to set it up:
1. I set up the LAGG and bridge in Proxmox and use the virtual interface in OPNsense.
2. I create a bridge without NIC in Proxmox, passthrough both NICs to OPNsense, create the LAGG interface in OPNsense and create a bridge with the LAGG interface and the virtual Proxmox interface.
The connection to Proxmox isn't heavily used. The connection from Proxmox LAN to the switch has priority.
Which option would result in better performance and less CPU usage?
-
Depending on the NIC, passing it through to the OPNsense VM (less overhead from Proxmox VE) and using Hardware offloading might be faster.
-
Assuming the CPU can handle both I doubt you'd ever see any real world difference in either scenario. You might see some responses that "doing it this way gives you 1 ms better resolution" or something, but 99% of the feedback here is antecdotal. Nothing wrong with it, just saying, dont treat everything here as fact.
I currently have a cheapy little 2 NIC machine that I run Proxmox on. I use Proxmox bridges to pass to OPNsense. I'm waiting on a new unit with four 2.5G NICs. My plan is to setup similar to what you were mentioning: will setup one Proxmox bridge for WAN, and then setup a LAGG (again, on Proxmox) for LAN, and passing through the resulting bridge to OPNsense. OPNsense will only ever see those two interfaces. To me, even if there is a very slight performance hit, the benefit is that I can basically just load a backup on on my other 2 NIC machine and it will basically just work.
-
I got a Topton N6005 unit and setup OPNsense inside of Proxmox. Using all Linux bridges, no passthrough. One NIC connected to cable mode, two others connected to a 1 gigabit switch in LAGG, which is assigned to another bridge. OPNsense sees two interfaces still. I get ~1325 Mbps down (on the host at least - most of the network is gigabit) and ~40 bps up. Runs like a champ this way.