OPNsense Forum

Archive => 22.7 Legacy Series => Topic started by: SecAficionado on July 29, 2022, 02:38:21 am

Title: Poor performance with Realtek NICs
Post by: SecAficionado on July 29, 2022, 02:38:21 am

Hello,

I know this is an endless subject and a moving target, but I want to document my experience in any case.

I got a good deal on a mini PC with a Celeron J3455 CPU and two Realtek NICs (I think they are RTL8168). I wanted to install opnsense to replace a larger PC to reduce power consumption. I knew Intel NICs were the better choice, but I thought I would give it a try.

I was pleasantly surprised to see that a config running Suricata in IPS mode gave me 900+ Mbps on tests, but then saw that the interfaces would go down, showing "no carrier" errors after an hour or so of service. Only a reboot seemed to fix the problem. I installed the Realtek plug-in (BTW, thanks for that!) and had stable NICs that lasted days without issues, but then I could only get 400Mbps speeds. The driver was the only change.

My Internet connection is 1Gbps which means I can't use this mini PC as my firewall at the moment. Some FreeBSD forums seem to indicate that the native (re) driver has seen improvements over time, so I might be able to get speed and stability from a future version. They also mention that those improvements seem to go away between major releases.

Considering the current system's power consumption, I ordered a much more expensive mini PC with intel NICs, which I will be configuring soon. It will pay for itself eventually with power savings, but I would have preferred to be able to work with the good deal I got.

Does anyone else have similar experiences with getting only 50% speeds using the factory drivers? Can I use older drivers that perform better?

Title: Re: Poor performance with Realtek NICs
Post by: franco on July 29, 2022, 08:35:30 am

The speed difference is that the re(4) FreeBSD driver has native netmap(4) support which Suricata/Zenarmor uses.

The vendor driver doesn't have this, so netmap(4) runs in emulation mode capping the bandwidth further.

It' simply sad that the FreeBSD driver is less stable than the vendor one in this case. ;(


Cheers,
Franco

Title: Re: Poor performance with Realtek NICs
Post by: axsdenied on July 29, 2022, 09:37:37 pm

I'm running the exact same hardware :) Mine's a beelink box.  Using the vendor driver is very stable and works great as long as you don't do packet inspection. I do get 900Mb+ speeds.

I recently ordered an older dell optiplex box and I'm adding a quad intel nic.  May give it a shot after I get that up and running.