pfSense ESXI gigabit?
-
I recently upgraded to Rogers Ignite Gigabit, however I have been getting throughput issues, when testing from iperf3 from my pc to pfSense I get 850 mbps per second however when running a speed test to the internet I get 400 to 600 mbps.
I have changed my adapter type to vmxnet3 and checked these settings following other forum posts, disabled CODEL and uninstalled suricata:
Before bridging and connecting my rogers modem to pfSense I got around 950 mbps down with my PC wired to the modem
Server Specs:
ESXI 6.5 U2
HP DL380 G6
2x Intel Xeon X5650VM Specs:
8 CPU cores
8 GB RAM -
@ikifar
Disabling hardware checksum offloading is not recommended for VMware. -
@viragomann I saw someone recommend disabling and I just tried without, performance seems worse
-
Disable HT, Firewalls don't like it, is a real time application.
Try 6 Sockets and 6 vCPUs. -
@nocling Whats HT stand for?
-
-
@viragomann I doubt disabling it would help, I thought if anything hyperthreading would help. I don't see much CPU usage when I run a speed test but it does spike a bit
-
Look how HT works.
It overload the pipe so it can work on 2 different Thrads.
But one disadvantage is a negativ latency impact.It is not much, but depend on the situation.
Try it, you can switch it on again.
https://forum.netgate.com/topic/152417/pfsense-and-hyper-threading-in-2020
-
@nocling said in pfSense ESXI gigabit?:
https://forum.netgate.com/topic/152417/pfsense-and-hyper-threading-in-2020
In the post you link to they are talking about VPN, the issue I am having is not related to VPN but I will give it a try, I highly doubt it will make a 500 mbps improvement
-
I can't see you needing 8 vCPUs, but if you're going to use 8 of your 12, make sure it's configured as 2 sockets 4 cores, this is simply to avoid NUMA.
If you have an understanding of how hypervisors work, less is better, give your firewall the resources it needs, but dont over allocate it. Try 2 vCPUs 1 socket 2 cores, or 1 socket 4 cores if you think you'll actually need it - though I'd doubt it.
-
It seems this could be an ISP issue now, I am still troubleshooting, changed nothing and am now getting around 850 mbps
https://twitter.com/MathesonStep/status/1362429291838001154
