1
Italian - Italiano / Auguri a tutti
« on: December 24, 2017, 11:25:47 pm »
Auguri di Buon Natale e di un felice anno nuovo 
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 12, 2017, 07:04:39 pm »
Tried but no success.
I tried before disabling TSO on ESXI side, same results: so I upgraded to ESXi 6.5u1, same results (TSO is already OFF on ESXI side).
Now I will try to get some help on vmware forum: on what FreeBSD list can I ask for help?
In the meantime I start to investigate some cfg vmnic parameters.
Alex
I tried before disabling TSO on ESXI side, same results: so I upgraded to ESXi 6.5u1, same results (TSO is already OFF on ESXI side).
Now I will try to get some help on vmware forum: on what FreeBSD list can I ask for help?
In the meantime I start to investigate some cfg vmnic parameters.
Alex
3
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 12, 2017, 05:38:01 pm »
Hi Bill,
you are right, I don't answer to your question: I checked TSO on ESXi side and I found it enabled on vmnic0 and vmnic1 and also on vmkernel layer (it's disabled on OPNsense).
Now, I will try to disable TSO on ESXi (as stated on article you posted) and then to upgrade to ESXi 6.5u1 version (but I am skeptical), before to ask help on VMWare or FreeBSD community.
you are right, I don't answer to your question: I checked TSO on ESXi side and I found it enabled on vmnic0 and vmnic1 and also on vmkernel layer (it's disabled on OPNsense).
Now, I will try to disable TSO on ESXi (as stated on article you posted) and then to upgrade to ESXi 6.5u1 version (but I am skeptical), before to ask help on VMWare or FreeBSD community.
4
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 12, 2017, 12:09:06 pm »
Try to summarize my tests and my situation.
I always used OPNSense as my router/firewall on vmware virtual machine (ESXi 6.0u2) and I think it is a great product.
Until now I had 500Mbps as internet bandwidth and my router I get always very good performance. Recently I upgraded to 1Gbps and I retried some old tests to measure performances.
So using some file transfer and usenet downloads as test, I get:
1) If I exec these tests from a computer directly connected to ISP I get (90-100)% ISP's speed
2) If I exec these tests from the same computer connected to my OPNSense router (on a VM), I get 60% ISP's speed
3) If I exec these tests from the same computer connected to a fresh installation of OPNSense 17.7.7 (on a VM), I get 60% ISP's speed
4) If I exec these tests from the same computer connected to a fresh installation of PFSense 2.4 (on a VM), I get 60% ISP's speed
5) If I exec these tests from the same computer connected to a fresh installation of LEDE 17 (on a VM), I get (90-100)% ISP's speed
6) If I exec these tests from the same computer connected to a fresh installation of Untangle 13 (on a VM), I get (90-100)% ISP's speed
Obviously above VM is the same (CPU, RAM) between different tests: I tried with 2core-4GB RAM, 2core-2GB RAM, 4core-4GB RAM, also with CPU and RAM reservation.
On OPNSense/PFSense I disabled all NIC offload functions.
So this is why I think my problem was on FreeBSD side, maybe on vmx drivers.
I always used OPNSense as my router/firewall on vmware virtual machine (ESXi 6.0u2) and I think it is a great product.
Until now I had 500Mbps as internet bandwidth and my router I get always very good performance. Recently I upgraded to 1Gbps and I retried some old tests to measure performances.
So using some file transfer and usenet downloads as test, I get:
1) If I exec these tests from a computer directly connected to ISP I get (90-100)% ISP's speed
2) If I exec these tests from the same computer connected to my OPNSense router (on a VM), I get 60% ISP's speed
3) If I exec these tests from the same computer connected to a fresh installation of OPNSense 17.7.7 (on a VM), I get 60% ISP's speed
4) If I exec these tests from the same computer connected to a fresh installation of PFSense 2.4 (on a VM), I get 60% ISP's speed
5) If I exec these tests from the same computer connected to a fresh installation of LEDE 17 (on a VM), I get (90-100)% ISP's speed
6) If I exec these tests from the same computer connected to a fresh installation of Untangle 13 (on a VM), I get (90-100)% ISP's speed
Obviously above VM is the same (CPU, RAM) between different tests: I tried with 2core-4GB RAM, 2core-2GB RAM, 4core-4GB RAM, also with CPU and RAM reservation.
On OPNSense/PFSense I disabled all NIC offload functions.
So this is why I think my problem was on FreeBSD side, maybe on vmx drivers.
5
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 11, 2017, 05:39:55 pm »
I have Supermicro A1SRM-2758F, Atom C2758 CPU with 8 cores, 2.4Ghz x core, 16GB RAM.
I installed vmware tools (directly from opnsense) and on this mobo there are Intel NICs on this mobo (I354 controller).
I installed vmware tools (directly from opnsense) and on this mobo there are Intel NICs on this mobo (I354 controller).
6
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 11, 2017, 03:18:19 pm »
I have a C2758 supermicro mb, 8 cores 2.4ghz, 16gb ram.
If isn’t an hardware problem or VMware problem ( with untangle, in a similar vm, I get 900mbps) where can I investigate?
Thanks in advance
Sent from my iPad using Tapatalk
If isn’t an hardware problem or VMware problem ( with untangle, in a similar vm, I get 900mbps) where can I investigate?
Thanks in advance
Sent from my iPad using Tapatalk
7
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 11, 2017, 11:49:21 am »
With 4 cores and 4GB RAM on Untangle VM, I get same results: 90% ISP's speed, ie. 900Mbps
So, I start to think the problem relies on FreeBSD: what do you think?
So, I start to think the problem relies on FreeBSD: what do you think?
8
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 11, 2017, 11:12:04 am »
I have already tried with Untangle (version 13.1.0): basic installation on a VM with 2 cores and 2 GB RAM.
VM it's configured as Linux 2.6.x 64bit, VMXNET3 drivers.
I get 90% ISP's speed, ie 900Mbps.....aaargghhh......much better than OPNSense.
Now I will try this Untangle VM with same OPNSense's cfg (cores and RAM).
VM it's configured as Linux 2.6.x 64bit, VMXNET3 drivers.
I get 90% ISP's speed, ie 900Mbps.....aaargghhh......much better than OPNSense.
Now I will try this Untangle VM with same OPNSense's cfg (cores and RAM).
9
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 11, 2017, 09:14:58 am »
I think to try some other firewall distro, like LEDE or Untangle (always on a VM) and repeat my tests with these distro: do you think is a good idea?
10
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 10, 2017, 03:12:55 pm »
Hi,
I tried following:
1) Fresh (and basic) OPNSense 17.7.7 installation, with VMXNET3 drivers: same results
2) Fresh (and basic) PFSENSE 2.4 installation with VMNETX3 drivers: same results
With E1000 drivers performances drop to 550Mbps (in both cases).
For other questions: I don't use hyperthreading, I have a C2758 CPU with 4 cores for OPNSense VM (see attachment).
Thanks for your help.
I tried following:
1) Fresh (and basic) OPNSense 17.7.7 installation, with VMXNET3 drivers: same results
2) Fresh (and basic) PFSENSE 2.4 installation with VMNETX3 drivers: same results
With E1000 drivers performances drop to 550Mbps (in both cases).
For other questions: I don't use hyperthreading, I have a C2758 CPU with 4 cores for OPNSense VM (see attachment).
Thanks for your help.
11
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 09, 2017, 12:20:13 pm »
Thanks for these suggestions,
I will try with less RAM and with E1000 drivers (with these I already tried but WAN interface doesn't works, really strange).
Else I haven't any other idea.
I will try with less RAM and with E1000 drivers (with these I already tried but WAN interface doesn't works, really strange).
Else I haven't any other idea.
12
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 08, 2017, 05:56:06 pm »
Actually I use OPNSense 17.7.7_1 on ESXi 6.0u2 and I use VMXNET3 drivers.
I don't have any particular service enabled, I use only some VPN connections )OPNsense is a VPN client) but not in this case because I inserted a specific firewall rule for these tests (also, if I switch off these VPN connections I get same results).
I will try to go back to E1000 drivers but it's seems really strange to me.
I don't have any particular service enabled, I use only some VPN connections )OPNsense is a VPN client) but not in this case because I inserted a specific firewall rule for these tests (also, if I switch off these VPN connections I get same results).
I will try to go back to E1000 drivers but it's seems really strange to me.
13
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
« on: November 08, 2017, 03:07:47 pm »
I resume this (old) thread because I have again same problem.
Recently I upgraded my ISP connection to 1Gbps and I repeat same tests: now I get 95% ISP's speed when I use directly my iMac with ISP's router but (only) 60% when I use my iMac with OPNSense router (obviously with same conditions).
During these tests CPU is between 35%-45%.
Where can I investigate?
TIA
Recently I upgraded my ISP connection to 1Gbps and I repeat same tests: now I get 95% ISP's speed when I use directly my iMac with ISP's router but (only) 60% when I use my iMac with OPNSense router (obviously with same conditions).
During these tests CPU is between 35%-45%.
Where can I investigate?
TIA
14
Development and Code Review / Any chance to get wireguard?
« on: October 15, 2017, 10:29:38 pm »
Hi,
I am very interested to fireguard protocol as openvpn replacement: I know at this moment there isn't wireguard port on freebsd world.
There is a chance to get it in the near future?
TIA
I am very interested to fireguard protocol as openvpn replacement: I know at this moment there isn't wireguard port on freebsd world.
There is a chance to get it in the near future?
TIA
15
17.7 Legacy Series / Dashbord and Safari: high cpu usage
« on: October 15, 2017, 10:24:19 pm »
Hi,
I noted very high cpu usage with my Safari 11 (on OSX) with Dashboard (with traffic graph on it): after some hours I get page with also very slow response.
I use OPN 17.7.5 but also with 17.7.4 I had same problems.
Anyone has same problem?
I noted very high cpu usage with my Safari 11 (on OSX) with Dashboard (with traffic graph on it): after some hours I get page with also very slow response.
I use OPN 17.7.5 but also with 17.7.4 I had same problems.
Anyone has same problem?