Running OPNSense in VM, what am I doing wrong?

Started by user239324, August 11, 2020, 06:51:05 PM

August 11, 2020, 06:51:05 PM Last Edit: August 11, 2020, 06:53:03 PM by user239324
Hello all,

So first off, here's my hardware:
3900x ryzen
64GB ram
PCIe 4.0 nvme SSD

I have a 1000/1000mbps WAN connection, using Wireguard in Windows.
From what I've been told after asking on reddit etc, Wireguard for Windows is userspace, wireguard-go. What this equates to is not being able to use 1000/1000 at the same time.

I was wondering why I can't get 1000/1000 full duplex, bidirectional speeds, so download+upload simultaneously, and that's the answer I've got.

So now I'm on the hunt for another solution to this and have been trying out openwrt, pfsense, opnsense etc in a virtual environment, and I think opnsense is the winner.

However I've tried Hyper-V, vmware player and VirtualBox, and all of them give me about 2-300mbps even without VPN active? Regardless of how many CPUs I give it.

Clearly I'm doing something wrong or missing something.

My environment is asus router -> clients. Easy, simple.
However when I've been trying out these things I've been running the virtual/bridged LAN-port on another subnet.

All I want really is for all traffic from my PC to go through a VM/Hardware router that handles encryption/decryption, so a VPN gateway I guess.

I'm not running a wireguard server but a client to VPN provider mullvad, which can deliver 1000/1000 (I've tried it many times on ubuntu live-USB while troubleshooting).

I work in IT but networking isn't my speciality, however I consider myself sort of savvy on a basic level.

Any tips?


No, I haven't tried that, it's just obvious to me that I'm doing something wrong.
I've tried hyper-v, vmware player and virtualbox with pfsense, opnsense and openwrt, even ubuntu on a live-USB and they all give 2-3-400mbit, with not much cpu usage, so I'm doing something wrong.

Well, the answer is in your question. You run it as a VM ;-)

No, I am joking. I know many run it as a VM. Since VM environments are very different, it is not possible to debug from remote quite well.

You can never expect the same performance from a VM as directly on hardware. If driver emulation is in place then the results may differ a lot. That's due to the fact that maybe the implementation of such drivers is in some way incompatible, or buffers and queues etc. are not handled optimally.

Maybe at some point someone will have time to do some testing with hardware and different virtualization scenarios. These results will then only apply to his hardware and his virtualization scenario, and as long as you pick your own hardware and your own environment the debugging is up to you.
Twitter: banym
Mastodon: banym@bsd.network
Blog: https://www.banym.de

We use OPNSense fully virtualised. VM running on a DELL R710, 4 x X5650 CPUs and 4GB of memory. We are not fortunate enough to have a 1Gb up/down connection but do not really see any issues in the throughput of the virtualised NICs. This is using two ports of the 4 port GB NIC dedicated to the VM. One WAN, one LAN to our Netgear Managed Switch.

We can max out the 1Gb LAN connection with a suitable download from another local server to the OPNSense VM. We can't attest to the WAN as our service is far slower than yours.

We are of course using Linux!

Cheers
Spart

Quote from: sparticle on August 23, 2020, 02:04:40 PM
We are of course using Linux!
OPNsense is not based on Linux. You should set your VM OS type to FreeBSD 12 or later versions (64-bit) for best results.

Bart...