[Tutorial/Call for Testing] Enabling Receive Side Scaling on OPNsense

Started by tuto2, August 16, 2021, 02:13:24 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3 4 5 ... 9
User actions
September 18, 2021, 03:54:19 PM #30
Does anyone know if there is a way to change the policy on the ip6 protocol from flow to cpu?  That is the difference I notice in some of the previous posts.  Thinking this may be why I'm not getting RSS on ip6.
September 30, 2021, 08:02:33 PM #31
Also decided to test this out with a Protectli FW6B.

- WAN is PPPoE 1G/1G
- LAN is split between LAN and 4 VLANs
- Sensei running on LAN.

I set net.inet.rss.bits = 2.  Not sure if this is correct on a 2 core/2HT processor.  Seems to work fine on speedtest with reasonable CPU usage.

Also something to keep in mind, if you upgrade to a hotfix release it will replace the RSS kernel.  Be sure to reinstall the RSS kernel if you upgrade to the hotfix released yesterday.
October 01, 2021, 09:48:49 AM #32
> Also something to keep in mind, if you upgrade to a hotfix release it will replace the RSS kernel.  Be sure to reinstall the RSS kernel if you upgrade to the hotfix released yesterday.

That's why you can lock any package to prevent it from upgrading. ;)
October 01, 2021, 03:18:13 PM #33
I found the lock in the UI.  That's handy.  ;D
October 04, 2021, 10:23:33 AM #34 Last Edit: October 04, 2021, 02:49:53 PM by dinguz
Quote from: dinguz on September 17, 2021, 12:06:38 AM
I am seeing something odd here. If I have RSS enabled, unbound is no longer working on all threads. I have a 2 core machine, unbound starts with 2 threads, but thread 0 is not doing any work. When I disable RSS using the sysctl and reboot, unbound is working normally again.
Are any other people seeing this?

I have reported this a few weeks ago, and I'm wondering if I'm the only one experiencing this. Are other people seeing this as well, or have been able to reproduce?

It's quite easy to check: just enable RSS, reboot, go to the Unbound stats page in the GUI, and you'll probably see all zeroes for thread 0.


BTW: how do I revert to the stock kernel? If I do
Code Select
opnsense-update -kr 21.7.2 it keeps trying to download a RSS version of the kernel.
In theory there is no difference between theory and practice. In practice there is.
October 04, 2021, 07:28:45 PM #35
Same thing here with the kernel.  No matter what you type in, it will append -rss to the name.  Looking at the verbose output it's saying that it's trying to download from the sets folder but when I look on every mirror, these kernels are in the snapshots folder.  Not sure if they were removed?  Due to this I'm getting a no valid signature error.
October 05, 2021, 12:43:22 PM #36
It's trying to stick to the kernel device designation which is correct historically speaking. We rarely do have different kernel builds and only really needed them with ARM which is where this feature comes from.

This should force it back to the generic device configuration (the -D '' bit is important)

# opnsense-update -kf -D ''


Cheers,
Franco
October 05, 2021, 08:07:11 PM #37
PS: https://github.com/opnsense/tools/commit/6fa3d553a -- this only affects testing kernels really and no production kernel can exhibit this issue.
October 05, 2021, 08:48:25 PM #38
Another observation, this is part of the 'netstat -Q' output from a stock kernel:
Code Select

Protocols:
Name   Proto QLimit Policy Dispatch Flags
ip         1   1000   flow  default   ---
igmp       2    256 source  default   ---
rtsock     3    256 source  default   ---
arp        4    256 source  default   ---
ether      5    256 source   direct   ---
ip6        6    256   flow  default   ---



Below is the 'netstat -Q' output from a system with the RSS kernel, but RSS disabled (net.inet.rss.enabled=0):
Code Select

Protocols:
Name   Proto QLimit Policy Dispatch Flags
ip         1   2048   flow  default   ---
igmp       2    256 source  default   ---
rtsock     3    256 source  default   ---
arp        4    256 source  default   ---
ether      5    256 source   direct   ---
ip6        6    256    cpu   hybrid   C--


Notice the difference for ip6? Apparently the sysctl does not completely enable/disable RSS for ip6.
In theory there is no difference between theory and practice. In practice there is.
October 07, 2021, 08:06:36 AM #39
Let me check when I have some spare time. Stephan is not available at the moment to look into it.


Cheers,
Franco
October 07, 2021, 09:53:56 AM #40
Stephan found it, small issue with a refactor from my side:

# opnsense-update -zfkr 21.7.2-rss

The sticky device issue was also fixed, the kernel should report:

% uname -v
FreeBSD 12.1-RELEASE-p20-HBSD  b9b6960472e(master) SMP


Cheers,
Franco
October 07, 2021, 12:07:51 PM #41
Thanks for the quick reply. Has anyone been able to have a look at the interaction with unbound?
In theory there is no difference between theory and practice. In practice there is.
October 07, 2021, 12:19:24 PM #42
Quote from: franco on October 07, 2021, 09:53:56 AM
Stephan found it, small issue with a refactor from my side:

# opnsense-update -zfkr 21.7.2-rss

The sticky device issue was also fixed, the kernel should report:

% uname -v
FreeBSD 12.1-RELEASE-p20-HBSD  b9b6960472e(master) SMP


Cheers,
Franco

Not available to download, no signature found.
October 07, 2021, 01:17:11 PM #43
Quote from: MartB on October 07, 2021, 12:19:24 PM
Not available to download, no signature found.

Make sure:

1. Default mirror is set
2. "-z" is being used as indicated

It looks like everything is there: https://pkg.opnsense.org/FreeBSD:12:amd64/snapshots/sets/

I can look at Unbound issue too as soon as I can finish my work on the upcoming 21.10 business update.


Cheers,
Franco
October 07, 2021, 01:51:10 PM #44
Quote from: dinguz on October 07, 2021, 12:07:51 PM
Thanks for the quick reply. Has anyone been able to have a look at the interaction with unbound?

I will take a look at it, but as Franco noted I have a limited amount of time at hand right now. Will update as soon as I can.

Cheers,

Stephan
Print
Go Up Pages 1 2 3 4 5 ... 9
User actions