{"id":2116,"date":"2024-04-25T17:17:31","date_gmt":"2024-04-25T17:17:31","guid":{"rendered":"https:\/\/blog.shade.sh\/?p=2116"},"modified":"2024-04-25T17:58:44","modified_gmt":"2024-04-25T17:58:44","slug":"opnsense-10gbit-dec750","status":"publish","type":"post","link":"https:\/\/blog.shade.sh\/index.php\/archive\/2116","title":{"rendered":"OPNSense 10Gbit DEC750"},"content":{"rendered":"\n<p>It seems its hard to get this nice piece of Hardware to utilize its two 10gbit SFP+ Links.<br>The CPU, a AMD V1500B, isn&#8217;t the fastest in comparison to todays embedded Processors on the Market.<\/p>\n\n\n\n<p>After a lot reading through the OPNsense Forums and several FreeBSD Blogs \/ Bug Tracker, i maybe found the ideal Tuning Parameters to squeeze the most out of this tiny fanless Box.<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>It looks like, the most important things here are:<\/p>\n\n\n\n<p><strong><a href=\"https:\/\/wiki.freebsd.org\/Networking\/ReceiveSideScaling\" target=\"_blank\" rel=\"noreferrer noopener\">RSS with 3 Bits (ReceiveSideScaling)<\/a><\/strong><br><strong><a href=\"https:\/\/svnweb.freebsd.org\/base?view=revision&amp;revision=354338\" target=\"_blank\" rel=\"noreferrer noopener\">machdep.hyperthreading_intr_allowed<\/a><\/strong><br><br>Alongside other important Tuning Parameter, this did the most positive Impact and distributed finaly Interrupt Workload across all Cores (4 physical and 4 HTT Cores). Before only 4 Cores are utilized (you can check that with &#8220;top -P&#8221;), now all 8 Cores are part of Interrupt processing. This gave me additional 2Gbit\/s so i can now squeeze around of max <strong>7,5gbit\/s<\/strong> with NAT \/ Routing out of this Box. Let me clarify here, i don&#8217;t use Zenarmor or Suricata on this box! With those IDS\/IPS enabled it should be clear that throughput would be much lower, because this box is simply not well enough equipped.<\/p>\n\n\n\n<p>The OPNSense DEC Hardware have Default Configs from Deciso, i&#8217;m not going to discuss this Parameter here. If you reinstalled your Box, you should import these <a href=\"https:\/\/docs.opnsense.org\/hardware\/defaults.html\" target=\"_blank\" rel=\"noreferrer noopener\">Default Configs<\/a> before adding my Parameter.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Here are all of my additional tunings:<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>hw.ibrs_disable=1<br>kern.ipc.maxsockbuf=16777216<br><strong>machdep.hyperthreading_intr_allowed=1<\/strong><br><strong>net.inet.rss.bits=3<br>net.inet.rss.enabled=1<\/strong><br>net.inet.tcp.recvbuf_max=4194304<br>net.inet.tcp.sendbuf_inc=65536<br>net.inet.tcp.sendbuf_max=4194304<br>net.inet.tcp.soreceive_stream=1<br>net.isr.bindthreads=1<br>net.isr.defaultqlimit=2048<br>net.isr.dispatch=deferred<br>net.isr.maxthreads=-1<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">And here is the result with a internet IPerf3 Test<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;SUM] 0.00-30.00 sec 25.0 GBytes 7.16 Gbits\/sec 15958 sender\n&#91;SUM] 0.00-30.00 sec 24.9 GBytes 7.13 Gbits\/sec receiver\n\nCPU 0: 12.9% user,  0.0% nice, 17.3% system, 67.5% interrupt,  2.4% idle\nCPU 1:  0.0% user,  0.0% nice, 56.1% system, 43.9% interrupt,  0.0% idle\nCPU 2:  0.0% user,  0.0% nice, 78.8% system, 21.2% interrupt,  0.0% idle\nCPU 3:  0.4% user,  0.0% nice, 70.2% system, 29.0% interrupt,  0.4% idle\nCPU 4: 25.5% user,  0.0% nice, 16.9% system, 53.3% interrupt,  4.3% idle\nCPU 5:  5.9% user,  0.0% nice,  3.9% system, 87.8% interrupt,  2.4% idle\nCPU 6:  9.0% user,  0.0% nice, 36.1% system, 54.1% interrupt,  0.8% idle\nCPU 7: 11.0% user,  0.0% nice, 12.5% system, 73.7% interrupt,  2.7% idle\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>It seems its hard to get this nice piece of Hardware to utilize its two 10gbit SFP+ Links.The CPU, a AMD V1500B, isn&#8217;t the fastest in comparison to todays embedded Processors on the Market. After a lot reading through the &hellip;<\/p>\n<p class=\"read-more\"><a href=\"https:\/\/blog.shade.sh\/index.php\/archive\/2116\">Read more &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,256,429,431,430],"tags":[424,422,421,425,427,428,420,426,423],"class_list":["post-2116","post","type-post","status-publish","format-standard","hentry","category-allgemein","category-erfahrungsbericht","category-freebsd","category-networking","category-opnsense","tag-10gbit","tag-dec740","tag-dec750","tag-fiber","tag-hyperthreading_intr","tag-interrupt","tag-opnsense","tag-rss","tag-sfp"],"_links":{"self":[{"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/posts\/2116","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/comments?post=2116"}],"version-history":[{"count":24,"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/posts\/2116\/revisions"}],"predecessor-version":[{"id":2142,"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/posts\/2116\/revisions\/2142"}],"wp:attachment":[{"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/media?parent=2116"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/categories?post=2116"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.shade.sh\/index.php\/wp-json\/wp\/v2\/tags?post=2116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}