TCP Segmentation Offload/Hardware Large Receive Offload
-
Advanced networking configuration for pfsense+ has checkboxes to enable/disable the features in the subject line.
I have a Netgate 8200. It arrived with those boxes checked (i.e., feature is disabled). Should those features be disabled on an 8200?
-
They are expected to be disabled by default on the 8200, yes. There is little point in enabling them for a router/firewall.
Steve
-
@stephenw10 Thank you. Guess I don't understand what they do, and why they would be inapplicable to a router/firewall.
-
TCP Segmentation in particular is only useful on a device that is terminating a TCP session. Firewall/routers don't generally do that, they just pass traffic. Some connections are terminated on the firewall such as those using the webgui or VPNs or a proxy. If your particular application includes a lot of that traffic it may be beneficial to enable that.
Historically there have been drivers/hardware that had issues with those hardware offloading options so it is safer to leave them disabled. -
@stephenw10 Thank you very much for the detailed response.
