OPNsense capping speeds in Proxmox VM

[NoreMakes]

Hello, for some reason OPNsense is capping my speed to around 400 mbps in both wired and wireless, but when I wire my PC directly to my Xfinity gateway I get 1.5GBps. I'm not entirely sure why. The VM isn't being bottle necked by CPU or RAM. I have nic0 setup as WAN and in proxmox I've bridged nic1-4 as LAN and passed that over to OPNsense. My Xfinity gateway is in bridge mode as well but strangely this wasn't an issue before I set it to that.

Sorry I'm a bit new to this, any help is greatly appreciated! Thanks!

 

[meyergru]

There are quite some pitfalls to using OpnSense under Proxmox, see this.

IDK if you passed your NICs through or used virtio drivers from what you wrote, also, bridging should be handled in OpnSense and it is a topic on itself (see OpnSense docs for steps to do this).

With speeds exceeding 1 Gbps, you should also set RSS like instructed here, point 10.

That being said, virtio is the more stable approach for OpnSense, because FreeBSD driver quality and coverage is not as good as Linux's (like with Realtek adapters or anything more exotic than Intel), however, speed-wise, you may be better off by using passthru.

 

[NoreMakes]

There are quite some pitfalls to using OpnSense under Proxmox, see this.

IDK if you passed your NICs through or used virtio drivers from what you wrote, also, bridging should be handled in OpnSense and it is a topic on itself (see OpnSense docs for steps to do this).

With speeds exceeding 1 Gbps, you should also set RSS like instructed here, point 10.

That being said, virtio is the more stable approach for OpnSense, because FreeBSD driver quality and coverage is not as good as Linux's (like with Realtek adapters or anything more exotic than Intel), however, speed-wise, you may be better off by using passthru.

Hi! Thanks for the quick response, the NICs are using virtio, and are no longer bridged in proxmox. Now to keep it simple I just have nic0 as vmbr0 for WAN and nic1 as vmbr1 for LAN. I tried to pass the LAN through as a raw PCI Device after reading and it broke something, so had to go into recovery mode to reverse that and go back to vmbr1. As for RSS, if I understand correctly. The physical NICs have 4 RSS queues, and the VM is using virtio multiqueue with 5 queues. During speed tests my CPU only gets up to about 15% according to proxmox. It's running with 5 cores from an intel N300.

Sorry if I missed anything, or if my phrasing is off! I understand some basics but am overall pretty new to this.

 

[meyergru]

I meant to enable RSS on OpnSense, otherwise only one queue will ever be used. The instructions are linked to in my article.