"
Auguri di Buon Natale e di un felice anno nuovo :D
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 12, 2017, 07:04:39 PM
Tried but no success.
I tried before disabling TSO on ESXI side, same results: so I upgraded to ESXi 6.5u1, same results (TSO is already OFF on ESXI side).
Now I will try to get some help on vmware forum: on what FreeBSD list can I ask for help?
In the meantime I start to investigate some cfg vmnic parameters.
Alex
I tried before disabling TSO on ESXI side, same results: so I upgraded to ESXi 6.5u1, same results (TSO is already OFF on ESXI side).
Now I will try to get some help on vmware forum: on what FreeBSD list can I ask for help?
In the meantime I start to investigate some cfg vmnic parameters.
Alex
#3
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 12, 2017, 05:38:01 PM
Hi Bill,
you are right, I don't answer to your question: I checked TSO on ESXi side and I found it enabled on vmnic0 and vmnic1 and also on vmkernel layer (it's disabled on OPNsense).
Now, I will try to disable TSO on ESXi (as stated on article you posted) and then to upgrade to ESXi 6.5u1 version (but I am skeptical), before to ask help on VMWare or FreeBSD community.
you are right, I don't answer to your question: I checked TSO on ESXi side and I found it enabled on vmnic0 and vmnic1 and also on vmkernel layer (it's disabled on OPNsense).
Now, I will try to disable TSO on ESXi (as stated on article you posted) and then to upgrade to ESXi 6.5u1 version (but I am skeptical), before to ask help on VMWare or FreeBSD community.
#4
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 12, 2017, 12:09:06 PM
Try to summarize my tests and my situation.
I always used OPNSense as my router/firewall on vmware virtual machine (ESXi 6.0u2) and I think it is a great product.
Until now I had 500Mbps as internet bandwidth and my router I get always very good performance. Recently I upgraded to 1Gbps and I retried some old tests to measure performances.
So using some file transfer and usenet downloads as test, I get:
1) If I exec these tests from a computer directly connected to ISP I get (90-100)% ISP's speed
2) If I exec these tests from the same computer connected to my OPNSense router (on a VM), I get 60% ISP's speed
3) If I exec these tests from the same computer connected to a fresh installation of OPNSense 17.7.7 (on a VM), I get 60% ISP's speed
4) If I exec these tests from the same computer connected to a fresh installation of PFSense 2.4 (on a VM), I get 60% ISP's speed
5) If I exec these tests from the same computer connected to a fresh installation of LEDE 17 (on a VM), I get (90-100)% ISP's speed
6) If I exec these tests from the same computer connected to a fresh installation of Untangle 13 (on a VM), I get (90-100)% ISP's speed
Obviously above VM is the same (CPU, RAM) between different tests: I tried with 2core-4GB RAM, 2core-2GB RAM, 4core-4GB RAM, also with CPU and RAM reservation.
On OPNSense/PFSense I disabled all NIC offload functions.
So this is why I think my problem was on FreeBSD side, maybe on vmx drivers.
I always used OPNSense as my router/firewall on vmware virtual machine (ESXi 6.0u2) and I think it is a great product.
Until now I had 500Mbps as internet bandwidth and my router I get always very good performance. Recently I upgraded to 1Gbps and I retried some old tests to measure performances.
So using some file transfer and usenet downloads as test, I get:
1) If I exec these tests from a computer directly connected to ISP I get (90-100)% ISP's speed
2) If I exec these tests from the same computer connected to my OPNSense router (on a VM), I get 60% ISP's speed
3) If I exec these tests from the same computer connected to a fresh installation of OPNSense 17.7.7 (on a VM), I get 60% ISP's speed
4) If I exec these tests from the same computer connected to a fresh installation of PFSense 2.4 (on a VM), I get 60% ISP's speed
5) If I exec these tests from the same computer connected to a fresh installation of LEDE 17 (on a VM), I get (90-100)% ISP's speed
6) If I exec these tests from the same computer connected to a fresh installation of Untangle 13 (on a VM), I get (90-100)% ISP's speed
Obviously above VM is the same (CPU, RAM) between different tests: I tried with 2core-4GB RAM, 2core-2GB RAM, 4core-4GB RAM, also with CPU and RAM reservation.
On OPNSense/PFSense I disabled all NIC offload functions.
So this is why I think my problem was on FreeBSD side, maybe on vmx drivers.
#5
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 11, 2017, 05:39:55 PM
I have Supermicro A1SRM-2758F, Atom C2758 CPU with 8 cores, 2.4Ghz x core, 16GB RAM.
I installed vmware tools (directly from opnsense) and on this mobo there are Intel NICs on this mobo (I354 controller).
I installed vmware tools (directly from opnsense) and on this mobo there are Intel NICs on this mobo (I354 controller).
#6
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 11, 2017, 03:18:19 PM
I have a C2758 supermicro mb, 8 cores 2.4ghz, 16gb ram.
If isn't an hardware problem or VMware problem ( with untangle, in a similar vm, I get 900mbps) where can I investigate?
Thanks in advance
Sent from my iPad using Tapatalk
If isn't an hardware problem or VMware problem ( with untangle, in a similar vm, I get 900mbps) where can I investigate?
Thanks in advance
Sent from my iPad using Tapatalk
#7
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 11, 2017, 11:49:21 AM
With 4 cores and 4GB RAM on Untangle VM, I get same results: 90% ISP's speed, ie. 900Mbps
So, I start to think the problem relies on FreeBSD: what do you think?
So, I start to think the problem relies on FreeBSD: what do you think?
#8
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 11, 2017, 11:12:04 AM
I have already tried with Untangle (version 13.1.0): basic installation on a VM with 2 cores and 2 GB RAM.
VM it's configured as Linux 2.6.x 64bit, VMXNET3 drivers.
I get 90% ISP's speed, ie 900Mbps.....aaargghhh......much better than OPNSense.
Now I will try this Untangle VM with same OPNSense's cfg (cores and RAM).
VM it's configured as Linux 2.6.x 64bit, VMXNET3 drivers.
I get 90% ISP's speed, ie 900Mbps.....aaargghhh......much better than OPNSense.
Now I will try this Untangle VM with same OPNSense's cfg (cores and RAM).
#9
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 11, 2017, 09:14:58 AM
I think to try some other firewall distro, like LEDE or Untangle (always on a VM) and repeat my tests with these distro: do you think is a good idea?
#10
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 10, 2017, 03:12:55 PM
Hi,
I tried following:
1) Fresh (and basic) OPNSense 17.7.7 installation, with VMXNET3 drivers: same results
2) Fresh (and basic) PFSENSE 2.4 installation with VMNETX3 drivers: same results
With E1000 drivers performances drop to 550Mbps (in both cases).
For other questions: I don't use hyperthreading, I have a C2758 CPU with 4 cores for OPNSense VM (see attachment).
Thanks for your help.
I tried following:
1) Fresh (and basic) OPNSense 17.7.7 installation, with VMXNET3 drivers: same results
2) Fresh (and basic) PFSENSE 2.4 installation with VMNETX3 drivers: same results
With E1000 drivers performances drop to 550Mbps (in both cases).
For other questions: I don't use hyperthreading, I have a C2758 CPU with 4 cores for OPNSense VM (see attachment).
Thanks for your help.
#11
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 09, 2017, 12:20:13 PM
Thanks for these suggestions,
I will try with less RAM and with E1000 drivers (with these I already tried but WAN interface doesn't works, really strange).
Else I haven't any other idea.
I will try with less RAM and with E1000 drivers (with these I already tried but WAN interface doesn't works, really strange).
Else I haven't any other idea.
#12
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 08, 2017, 05:56:06 PM
Actually I use OPNSense 17.7.7_1 on ESXi 6.0u2 and I use VMXNET3 drivers.
I don't have any particular service enabled, I use only some VPN connections )OPNsense is a VPN client) but not in this case because I inserted a specific firewall rule for these tests (also, if I switch off these VPN connections I get same results).
I will try to go back to E1000 drivers but it's seems really strange to me.
I don't have any particular service enabled, I use only some VPN connections )OPNsense is a VPN client) but not in this case because I inserted a specific firewall rule for these tests (also, if I switch off these VPN connections I get same results).
I will try to go back to E1000 drivers but it's seems really strange to me.
#13
Hardware and Performance / Re: Some suggestions for my new OPNSense (on ESXi host)
November 08, 2017, 03:07:47 PM
I resume this (old) thread because I have again same problem.
Recently I upgraded my ISP connection to 1Gbps and I repeat same tests: now I get 95% ISP's speed when I use directly my iMac with ISP's router but (only) 60% when I use my iMac with OPNSense router (obviously with same conditions).
During these tests CPU is between 35%-45%.
Where can I investigate?
TIA
Recently I upgraded my ISP connection to 1Gbps and I repeat same tests: now I get 95% ISP's speed when I use directly my iMac with ISP's router but (only) 60% when I use my iMac with OPNSense router (obviously with same conditions).
During these tests CPU is between 35%-45%.
Where can I investigate?
TIA
#14
Development and Code Review / Any chance to get wireguard?
October 15, 2017, 10:29:38 PM
Hi,
I am very interested to fireguard protocol as openvpn replacement: I know at this moment there isn't wireguard port on freebsd world.
There is a chance to get it in the near future?
TIA
I am very interested to fireguard protocol as openvpn replacement: I know at this moment there isn't wireguard port on freebsd world.
There is a chance to get it in the near future?
TIA
#15
17.7 Legacy Series / Dashbord and Safari: high cpu usage
October 15, 2017, 10:24:19 PM
Hi,
I noted very high cpu usage with my Safari 11 (on OSX) with Dashboard (with traffic graph on it): after some hours I get page with also very slow response.
I use OPN 17.7.5 but also with 17.7.4 I had same problems.
Anyone has same problem?
I noted very high cpu usage with my Safari 11 (on OSX) with Dashboard (with traffic graph on it): after some hours I get page with also very slow response.
I use OPN 17.7.5 but also with 17.7.4 I had same problems.
Anyone has same problem?
