What is the best processor for OPNsense?

We recommend at least dual core (preferable 4 core if you also host database on the firewall) cpu system. Single core cpu score is more important than having lots of cpu cores; for that, a Quad Core i7 PC system is more likely to perform better than a 12-core intel xeon server system.

Is 8gb enough for OPNsense?

The recommended specification to run all OPNsense standard features, means every feature is functional and fits most use cases. so I'm thinking a dual or quad core, over 2ghz base 2.9ghz burst with 8gb or 16gb ram and 256gb SSD should probably be what to go with .

Is OPNsense better than pfSense?

If you want high customizability and a large support community, pfSense is a good option. If you prioritize an easy-to-use interface and frequent updates, instead, OPNsense may be better . Ultimately, pfSense offers more flexibility for seasoned users, but OPNsense provides a more polished out-of-box experience.

How many cores for OPNsense?

Hardware requirements Processor 1 GHz dual core cpu RAM 2 GB Install method Serial console or video (vga) Install target SD or CF card with a minimum of 4 GB, use nano images for installation.

How much CPU does pfSense need?

pfSense Hardware Requirements and Guidance General Requirements: Minimum CPU - 500 Mhz RAM - 512 MB Recommended CPU - 1 Ghz RAM - 1 GB Requirements Specific to Individual Platforms: Full Install CD-ROM or USB for initial installation 1 GB hard drive

What is optimal hardware for pfSense?

pfSense firewall appliance recommendations CPU: 4 core, 1Ghz AMD GX-412TC (with AES-NI) RAM: 4GB ECC DDR3-1333 DRAM. NIC: 3x 1Gbps Intel i210AT. Storage: 16GB mSata SSD (larger SSD is an option) Routing throughput: 1Gbit on pfSense using multiple connections. ... VLAN: 250Mbps. More items... Dec 29, 2023

Is OPNsense free for commercial use?

Support services: While OPNsense is free to use , there are several commercial support services available. These services can provide you with assistance with installation, configuration, and troubleshooting.

Is OPNsense a firewall or a router?

OPNsense® a true open source security platform and more - OPNsense® is a true open source firewall and more.

Does OPNsense support WiFi?

Although wireless networks are supported in OPNsense , result may vary.

Is OPNsense single-threaded?

One commonly-stated problem with PPPoE, especially done on x86-based routers like pfSense and OPNsense is they're “ single-threaded ”. The reason why they're single-threaded is because of how NICs are designed. These NICs know how to sort IPv4 and IPv6 traffic, but not PPP traffic.

How to install plugins on OPNsense?

You can easily and quickly install available plugins by following these instructions: Be sure that your OPNsense system is up-to-date. ... Navigate to the System → Firmware → Plugins on OPNsense web UI. Search for the plugin you want to install, for example, os-rspamd . Oct 25, 2023

OPNsense performance optimization (2024)

Update 2022-11-26: We have received reports that these instructions don't work on the latest OPNSense 22.7 release. We will investigate in the future (as time allows) and update the instructions if possible.

Many of our customers choose to run OPNsense on their routers.

There are several "system tunables" in OPNsense that unlock extra performance on compatible hardware.

Upgrade BIOS on APU routers to get CPU boost

(this guidance applies only to APU2, APU3 and APU4 routers).

APU routers haveAMD GX-412TCCPU which has 1.4GHz boost frequency. To enable the boost, you need to upgrade your BIOS to versionv4.9.0.2 or later. See this other article for the BIOS upgrade instructions.

EnableTCP Offload Engine

Intel NICs are able to use the "hardware TCP segmentation offload". To turn this option on, go to System -> Settings -> Tunables and find "TCP Offload Engine".

EnableHardware Checksum Offloading

Similar to the setting above, Intel NICs can calculate the packet checksums in the hardware rather than at the OS level. This offloads the CPU and increases bandwith.

To turn this option on, go to System -> Settings -> Tunables and find "UDP Checksums".

net.inet.udp.checksum should be set to 1.Checksum offloading is usually beneficial as it allows the checksum to be calculated (outgoing) or verified (incoming) in hardware at a much faster rate than it could be handled in software.

Enable multi queue processing

APU routers have very performant Intel and Network Interfaces. These NICs have 4/2 transmit andreceive queues, being able to work simultaneusly on 4/2 connections.With some fine tuning, OPNSense can take advantage of this and route at 1Gbit when using more than one connection.

To enable multi queue support wewant to add the following two settings,enabling multi processing on both transimitng and receiving queues.

hw.igb.rx_process_limit="-1"hw.igb.tx_process_limit="-1"legal.intel_igb.license_ack="1"

The easiest way to do that is to add new system tunables as shown on the screenshot below.

Gigabit throughput verification

After these settings have been applied, your should be able to get a full gigabit throughput when using more than one connection at a time. See the test below that verifies this setup.

root@homedesktop:/home/sniku# iperf3 -c 192.168.5.175 -t 20 -P 2Connecting to host 192.168.5.175, port 5201[ 5] local 192.168.1.102 port 51756 connected to 192.168.5.175 port 5201[ 7] local 192.168.1.102 port 51758 connected to 192.168.5.175 port 5201[ ID] Interval Transfer Bitrate Retr Cwnd[ 5] 0.00-1.00 sec 66.4 MBytes 557 Mbits/sec 0 465 KBytes [ 7] 0.00-1.00 sec 49.2 MBytes 413 Mbits/sec 0 389 KBytes [SUM] 0.00-1.00 sec 116 MBytes 969 Mbits/sec 0 - - - - - - - - - - - - - - - - - - - - - - - - -[ 5] 1.00-2.00 sec 57.5 MBytes 483 Mbits/sec 0 551 KBytes [ 7] 1.00-2.00 sec 55.8 MBytes 468 Mbits/sec 0 529 KBytes [SUM] 1.00-2.00 sec 113 MBytes 951 Mbits/sec 0 - - - - - - - - - - - - - - - - - - - - - - - - -[ 5] 2.00-3.00 sec 56.2 MBytes 472 Mbits/sec 0 580 KBytes [ 7] 2.00-3.00 sec 56.3 MBytes 472 Mbits/sec 0 554 KBytes [SUM] 2.00-3.00 sec 113 MBytes 944 Mbits/sec 0 - - - - - - - - - - - - - - - - - - - - - - - - -[ 5] 3.00-4.00 sec 55.4 MBytes 464 Mbits/sec 0 580 KBytes [ 7] 3.00-4.00 sec 55.9 MBytes 469 Mbits/sec 0 554 KBytes [SUM] 3.00-4.00 sec 111 MBytes 934 Mbits/sec 0 ^C- - - - - - - - - - - - - - - - - - - - - - - - -[ 5] 4.00-4.33 sec 18.8 MBytes 473 Mbits/sec 0 580 KBytes [ 7] 4.00-4.33 sec 19.0 MBytes 477 Mbits/sec 0 554 KBytes [SUM] 4.00-4.33 sec 37.8 MBytes 950 Mbits/sec 0 - - - - - - - - - - - - - - - - - - - - - - - - -[ ID] Interval Transfer Bitrate Retr[ 5] 0.00-4.33 sec 254 MBytes 492 Mbits/sec 0 sender[ 5] 0.00-4.33 sec 0.00 Bytes 0.00 bits/sec receiver[ 7] 0.00-4.33 sec 236 MBytes 457 Mbits/sec 0 sender[ 7] 0.00-4.33 sec 0.00 Bytes 0.00 bits/sec receiver[SUM] 0.00-4.33 sec 491 MBytes 950 Mbits/sec 0 sender[SUM] 0.00-4.33 sec 0.00 Bytes 0.00 bits/sec receiver

OPNsense performance optimization (2024)

Upgrade BIOS on APU routers to get CPU boost

EnableTCP Offload Engine

EnableHardware Checksum Offloading

Enable multi queue processing

Gigabit throughput verification

FAQs

What is the best processor for OPNsense? ›

Is OPNsense single-threaded? ›

Processor	1 GHz dual core cpu
RAM	2 GB
Install method	Serial console or video (vga)
Install target	SD or CF card with a minimum of 4 GB, use nano images for installation.

General Requirements:
Minimum	CPU - 500 Mhz RAM - 512 MB
Recommended	CPU - 1 Ghz RAM - 1 GB
Requirements Specific to Individual Platforms:
Full Install	CD-ROM or USB for initial installation 1 GB hard drive