Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - KE-admin

Pages1
#1
25.1, 25.4 Series / Re: Very poor inbound perfomance; TCP Retransmissions
August 07, 2025, 10:49:22 PM
I just did! 

`ethtool --offload enp2s0f1np1 generic-receive-offload off` looks like it fixes this.

Thanks for the HOWTO.  Good stuff!
#2
25.1, 25.4 Series / Very poor inbound perfomance; TCP Retransmissions
August 07, 2025, 10:07:56 PM
I am experiencing very poor performance on a recently installed OPNsense version 25.1 VM in a Debian/KVM hosted environment.  All the normally disabled offloading has been checked. 

I have taken to troubleshooting the issue by using SCP from the OPNsense VM to/from various local and remote targets.  Secure copies outbound perform fine in all cases.  Secure copies inbound are exceedingly slow and packet capture reveals "TCP Previous segment not captured/TCP Retransmission" any time data must traverse the physical switch.  Inbound from a source running on the same host works fine.

Here is the ifconfig from FreeBSD:

vtnet0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
   description: Outside (wan)
   options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE>
   ether 52:54:00:44:b6:4b
   inet <IP> netmask 0xfffffff0 broadcast <gatewayIP>
   inet6 fe80::5054:ff:fe44:b64b%vtnet0 prefixlen 64 scopeid 0x1
   media: Ethernet autoselect (10Gbase-T <full-duplex>)
   status: active
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>


and relevant info from the KVM side:

root@kvm2:~# ip a s vnet122
135: vnet122: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master outside state UNKNOWN group default qlen 1000
    link/ether fe:54:00:44:b6:4b brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc54:ff:fe44:b64b/64 scope link
       valid_lft forever preferred_lft forever
root@kvm2:~# ip a s outside
4: outside: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 4e:bb:da:ba:6a:f8 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::4cbb:daff:feba:6af8/64 scope link
       valid_lft forever preferred_lft forever
root@kvm2:~# ip a s enp2s0f1np1
3: enp2s0f1np1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master outside state UP group default qlen 1000
    link/ether 9c:6b:00:99:c4:2e brd ff:ff:ff:ff:ff:ff
root@kvm2:~# ethtool -I vnet122
Settings for vnet122:
   Supported ports: [  ]
   Supported link modes:   Not reported
   Supported pause frame use: No
   Supports auto-negotiation: No
   Supported FEC modes: Not reported
   Advertised link modes:  Not reported
   Advertised pause frame use: No
   Advertised auto-negotiation: No
   Advertised FEC modes: Not reported
   Speed: 10Mb/s
   Duplex: Full
   Auto-negotiation: off
   Port: Twisted Pair
   PHYAD: 0
   Transceiver: internal
   MDI-X: Unknown
        Current message level: 0x00000000 (0)
                             
   Link detected: yes
Pages1