Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Disable hardware TCP segmentation offload

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 4 Posters 3.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gjaltemba
      last edited by

      I do not remember ever changing the following settings. These settings seem to conflict. Who wins?

      System -> Advanced -> Networking
      Disable hardware TCP segmentation offload = checked

      System -> Advanced -> System Tunables
      net.inet.tcp.tso = 1

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The tunable disables it system-wide. The checkbox disables it manually on the assigned network interfaces.

        When the box is checked (default), the NICs will have it disabled. The tunable can still be "1", meaning that it's possible for a NIC to use TSO still, if it had to, but it does not force it on.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • K
          kolpinkb
          last edited by

          I'm having trouble finding the "sysctl" values for the other two options:

          Disable hardware large receive offload
          &
          Disable hardware checksum offload

          I would like to verify because I'm using Suricata and they need to be disabled for proper functionality.  I've done lots of searching and can't locate the values even after scanning through all sysctl net manually.

          Any thoughts anyone?

          1 Reply Last reply Reply Quote 0
          • P
            pfBasic Banned
            last edited by

            @gjaltemba:

            System -> Advanced -> Networking

            Yeah, all three offloading functions that you need to disable are there.

            1 Reply Last reply Reply Quote 0
            • K
              kolpinkb
              last edited by

              They don't seem to be functioning properly.

              Checking TSO to disabled still results in sysctl net.inet.tcp.tso returning a 1.

              Manually setting net.inet.tcp.tso = 0 in loader.conf.local still returns a 1 after reboot.

              That is why I was looking for the sysctl parameters for the other disabled options.

              1 Reply Last reply Reply Quote 0
              • P
                pfBasic Banned
                last edited by

                Re read jimps post, they are working fine.

                Don't use system tunables unless you know exactly what you are doing it are told to do so by someone who does.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.