1
22.7 Legacy Series / Re: R86S - Mellanox
« on: May 17, 2023, 04:02:48 pm »
Nice setup! I am looking to purchase the same unit. How has it been so far?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Hardware and Performance / Re: Poor Performance with OpnSense 23.1 and Hyper-V 2019
« on: May 17, 2023, 07:00:56 am »
I built an opnsense VM in Hyper-v on a Server 2019 recently. VM has 4G ram, 4 vcore.
Opnsense LAN is a trunk port in Server 2019, with breakouts done at Opnsense VLAN level (not Hyper-V level). This LAN is connected to an external vswitch that links to a physical 82599 10g nic.
When routing through opnsense, performance is close to your observation:
iperf single stream, spped varies widely 350Mbps ~ 800Mbps, CPU 50-75%
iperf 5 streams, speed varies widely 1.3Gbps ~ 2.4Gbps, CPU 80%-100%
iperf 10 streams, speed varies widely 1.5Gbps ~ 2.8Gbps, CPU 90%-100%
I tried changing RSC parameter as previous poster suggested but no change.
I am inclined to move it to a physical box instead.
UPDATE:
Did some more digging and testing, turning off VMQ on the host network adapter and turning off RSC on the virtual switch imporves throughput by ~30%. I can now get:
iperf 1 tream, 550Mbps ~ 1.0Gbps
iperf 5 streams, 1.7Gbps ~ 2.5Gbps
iperf 10 streams, 1.9Gbps ~ 2.9Gbps
Still a long shot from 10G.
Opnsense LAN is a trunk port in Server 2019, with breakouts done at Opnsense VLAN level (not Hyper-V level). This LAN is connected to an external vswitch that links to a physical 82599 10g nic.
When routing through opnsense, performance is close to your observation:
iperf single stream, spped varies widely 350Mbps ~ 800Mbps, CPU 50-75%
iperf 5 streams, speed varies widely 1.3Gbps ~ 2.4Gbps, CPU 80%-100%
iperf 10 streams, speed varies widely 1.5Gbps ~ 2.8Gbps, CPU 90%-100%
I tried changing RSC parameter as previous poster suggested but no change.
I am inclined to move it to a physical box instead.
UPDATE:
Did some more digging and testing, turning off VMQ on the host network adapter and turning off RSC on the virtual switch imporves throughput by ~30%. I can now get:
iperf 1 tream, 550Mbps ~ 1.0Gbps
iperf 5 streams, 1.7Gbps ~ 2.5Gbps
iperf 10 streams, 1.9Gbps ~ 2.9Gbps
Still a long shot from 10G.
3
Tutorials and FAQs / Re: HOWTO:IPsec IKEv2 clients: Split tunnel / EAP Radius / Virtual IP pool per group
« on: May 09, 2023, 08:23:04 am »
How does this guide transfer to the new swanctl.conf, since the ipsec.conf is now considered legacy and not generated by the system anymore?
Pages: [1]