Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hyper-V performance issues

    Scheduled Pinned Locked Moved Virtualization
    4 Posts 4 Posters 2.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nh5x
      last edited by

      Hi all,

      So I've been through my share of troubles with Hyper-V and pfSense before and now am legitimately stuck.

      We have a Dell R720 with a few light VM's and a pfSense instance. This server previously was a ESXi host where pfSense performed fine.
      ISP: Pilot (NYC) 1gig symmetrical

      pfSense is set up in front of a Layer 3 switch which is defining the subnets. Traffic forwards to pfSense and all works well.
      Performance is the only issue.
      pfSense is given 4vCPU, 4GB RAM and has 3 NIC's assigned. Two for WAN VLAN's for both ISPs and one for the LAN to the L3 switch.
      We get around 300/400 on the pfSense box. Where on ESXi we used to clear 900/900.
      We had the Broadcom 5720 NIC's in the 720. Just gutted them and switched to an Intel I-350 daughter board. Still no change.
      I've tried dedicated NIC's to pfSense and just LAGG'ing all four NIC's together and telling pfSense what to do.

      Still can't get the speeds any higher. Direct connection to pilot works fine and hyper-v on a workstation connected directly to the WAN works fine as well. Which basically narrows it down.

      At this point I'm out of options except admitting defeat that Hyper-V just can't perform with pfSense. Any other options here? Has anyone truly maxed out a 1gig link with pfSense on HyperV?

      1 Reply Last reply Reply Quote 0
      • 7
        753951
        last edited by

        I have pfSense installed as VM on Hyper-V Server 2016. One WAN and two LAN segments on Intel i-350 quad port card. One LAN segment is connected to one Gb switch and another LAN segment to MoCa 2.0 - coax cable - MoCa 2.0 - Gb switch. There are only 4-5 firewall rules between two LAN segments and I can get maximum speed that MoCa 2.0 adapter allows (about 920 mb/s both ways) between them.

        I have only 2 virtual CPUs assigned to pfSense from Xeon E3-1231V3. I'm not running many add-ons, and nothing that would have high impact on throughput performance, like Squid or Snort.

        1 Reply Last reply Reply Quote 0
        • A
          andipandi
          last edited by

          Did you try things like SRV-IO or tweaking the NICs parameters in Hyper-V? That should make some difference.

          Also, does your CPU go to 100% for at least one of the assigned cores?

          The NIC features are supposed to offload work form the CPUs, especially the Intel ones should support this.

          1 Reply Last reply Reply Quote 0
          • N
            nh5
            last edited by

            Been through all those suggestions but I appreciate the responses. I currently have 4 cores assigned, none seem to pin even under heavy load. The I350 nic settings I've left at their defaults. With the Broadcom's I had VMQ's disabled. The IPSec offload is enabled on the virtual NIC's. I'm starting to think that some how the Layer3 configuration is playing a role in the issue. I'm going to do a bit more research and follow up.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.