"
I'm running VMware on a dedicated HP workstation (Z420) with 128GB of mem and an older (single) Xeon E5-2650 (V0) @2.0GHz. OPNsense is running on 4 cores 4 threads but recently I learned most processes are single core services/processes. OPNsense has "priority" over other VM's and the CPU has an 6GHz reservation (total capacity: 15.96 GHz).
With fiber 1000/1000 I only get 200-300 Mbps with Suricata on (IDS/IPS) no matter which interface or Pattern matcher I use.
When I disable IDS/IPS completely I get a rather consisten 925/935 Mbps on speedtest.net but CPU rises to 100% during the "full speed load".
I'd rather use IDS/IPS (obviously) for security reasons but am not willing to sacrifice 600 Mpbs.
First question:
I know my setup is rather old but I'm not in the position to buy new hardware.
What would be the optimum config for me regarding vCPU's and memory allocation for OPNsense with ADguard as DNS server?
Second question:
After optimising the vCPU, what would be the correct OPNsense config to make the most of the multicore/multithread vCPU?
Thank you in advance!
With fiber 1000/1000 I only get 200-300 Mbps with Suricata on (IDS/IPS) no matter which interface or Pattern matcher I use.
When I disable IDS/IPS completely I get a rather consisten 925/935 Mbps on speedtest.net but CPU rises to 100% during the "full speed load".
I'd rather use IDS/IPS (obviously) for security reasons but am not willing to sacrifice 600 Mpbs.
First question:
I know my setup is rather old but I'm not in the position to buy new hardware.
What would be the optimum config for me regarding vCPU's and memory allocation for OPNsense with ADguard as DNS server?
Second question:
After optimising the vCPU, what would be the correct OPNsense config to make the most of the multicore/multithread vCPU?
Thank you in advance!
