Performance Degradation Under Load - OPNsense VM on Proxmox

Started by sfunston, July 12, 2025, 08:28:25 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 12, 2025, 08:28:25 PM Last Edit: July 12, 2025, 08:58:01 PM by sfunston
I'm running into an issue where my upload speeds drop to about 1/2 of my download speeds when there is high network throughput.

Setup:

    ISP: Sparklight Fiber (300/300 Mbps)

    Firewall: OPNsense 25.1.10 running as a VM on Proxmox

    Hardware: Dell OptiPlex 3050 Micro

    NICs:

        Realtek NIC assigned to LAN

        Intel I226-V NIC assigned to WAN

    Switch/AP: Unifi Lite 8 PoE switch, Unifi U7 Pro AP


Observed Behavior:

    Download speeds are close to ~250-300 Mbps consistently but do drop lower sometimes.

    When network throughput is high, Upload speeds typically cap out around 100–150 Mbps, sometimes down into mid to low 10's. For example, when downloading a game on my PS5, my speeds go down to 260/90. I have had it performance plummet even further when playing online games.

    This happens even with shaping enabled or disabled entirely (no pipes, queues, or rules).

    With shaping enabled (using FQ-CoDel at 280/280 Mbps), performance is slightly improved but upload still lags behind download by a noticeable margin. This could've been a fluke too and it made no difference.

    When I pause a large download, download/upload speed jumps back up to 300 Mbps.

Troubleshooting Done:

    Verified CPU utilization in OPNsense and increased vCPUs to 4 due to high cpu spikes when shaping was enabled.

    Disabled and re-enabled traffic shaping.

    Verified both NICs are correctly assigned and visible in Proxmox and OPNsense.

    Monitored network stats and resource usage during tests.

    Ran multiple Speedtests from different wired clients.
   
    I have also tried to use both PCI pass through and a network bridge for the I226-v NIC.

Question:
What am I missing that could be causing this issue?

Thanks in advance for any help or ideas you can share!
July 16, 2025, 08:45:22 AM #1
My first thought is are you using a vNIC, or did you passthrough the NICs to OPNsense? If they're passed through, did you install the Realtek driver plugin? The stock BSD drivers for Realtek are questionable at best.
July 16, 2025, 10:03:03 AM #2
IDK if you have found and followed advice here. I recommend using vtnet, but with specific settings. There are things to consider for any setups, like RSS, see this, point 10[/url}.

Also, the traffic shaper needs some fine tuning and also stresses the CPU more. If you do not use multiple streams via RSS, you will find bottlenecks.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
Print
Go Up Pages1
User actions