Questions about DEC750 throughput

[BondiBlueBalls]

Hey, all.

I received a new DEC750 a couple days ago and finally got it installed today. I installed a fresh image of 22.1 and restored my config. Everything worked perfectly.

After doing some throughput testing, it seems slower than I expected. For example:

I'm only seeing around 1.8Gbps between VLANs using iperf3. This is over a Ubiquiti DAC cable that seems to work just fine, otherwise.

When doing speed tests from the internet, I'm only seeing ~700Mbps with IPS turned on. When it's turned off, I get line speed.

The interesting part is that the CPU never spikes over 40%. Is anything in that stack locked to a single core? I'm hoping that there's some tunable that may give me a little more speed.

Thanks for any advice you folks can provide!

[lilsense]

there may be some tweaks coming in regards to RSS which should help in speed boost.

[BondiBlueBalls]

Have you read anything regarding the opnsense folks recommending rss for 1st party hardware at this point?

[lilsense]

not from that perspective...

here's the topic: https://forum.opnsense.org/index.php?topic=24409.0;topicseen

[BondiBlueBalls]

Given that I currently use IPS, this is the kicker for me:

When Suricata is running in IPS mode, Netmap is utilized to fetch packets off the line for inspection. By default, OPNsense has configured Suricata in such a way that the packet which has passed inspection will be re-injected into the host networking stack for routing/firewalling purposes. The current Suricata/Netmap implementation limits this re-injection to one thread only. Work is underway to address this issue since the new Netmap API (V14+) is now capable of increasing this thread count. Until then, no benefit is gained from RSS when using IPS.

I think I'll just wait until RSS and Suricata mature a bit. Thanks for the info!