Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Latency a bit high on pfSense in VM

    Scheduled Pinned Locked Moved Hardware
    4 Posts 2 Posters 777 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fa
      last edited by fa

      I wanted to replace my Asus RT-AC68U router with pfSense. I already have a capable server, and wanted to run pfSense as a VM on it. I'm getting slightly worse ping times than the Asus.

      Results: Pinging my ISP's web server from a client through pfSense is 0.6 ms slower on average and has more variance in ping times. (pfSense and ASUS are both connected directly to the modem)

      # ASUS
rtt min/avg/max/mdev = 6.986/9.479/16.286/1.217 ms
# pfSense
rtt min/avg/max/mdev = 6.127/10.113/20.694/1.466 ms

      Repeated multiple times with same results. As a gamer I feel uneasy about chaning to pfSense as it is.

      I'm wondering if it's possible to get lower latency on this setup. If I have unrealistic expectations, feel free to stop reading :)

      The server is running TrueNAS SCALE, on top of Debian. I can configure KVM VMs in the GUI.

      CPU: Xeon E5-2697 v2 @ 2.7GHz (Ivy Bridge)
      NIC setup: LAN and WAN are different cables going into the server. The VM has VirtIO NICs connected to Linux network bridges (br0 br1), connected to each of the LAN and WAN.

      The pfSense VM is allocated 2 GB RAM and 4 cores.

      No special setup in KVM is done, just the defaults - and that's where I hope there may be something to gain. Any tips are greatly appreciated. (Also nice to know if it can't get better on this hardware and I should give up)

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Where is that latency happening? Try pinging the WAN and LAN locally or from LAN to some local WAN target or to another interface. Can you show it's on any particular interface?

        If not then it's probably just a result of running virtualised.

        Steve

        F 1 Reply Last reply Reply Quote 0
        • F
          fa @stephenw10
          last edited by

          Thanks for the reply stephenw (a long time ago) and I'm sorry I didn't reply to this before. I wasn't able to perform the tests then, and stuck with the Asus.

          With a recent Asus router problem, I was forced to switch to pfSense (and though the Asus issue is solved now, I will continue with pfSense).

          I found that between pinging the VM host and pfSense VM there was a 0.1 to 0.5 ms additional latency.

          I'm going to use it like this. I can't pretend that tenths of a millisecond is going to make a difference in gaming, I'm not actually that quick to react. In case you or others are interested I can try some more tests, as I have a (physical) switch on the WAN side, but it's a bit much work to set up.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Unlikely you will remove that entirely with a VM like that. I agree you almost certainly won't be able to detect it in reality.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.