Comment on virtualizing OPNsense is....not going great
ShellMonkey@piefed.socdojo.com 2 weeks ago
It can make a big difference just in the processing power needed if there's anything more intense than a straight firewall. IPS tend to be a resource pig. What are the load numbers saying vs the number of CPU cores available?
I ran into similar (or even worse) choking trying to get it virtualized even with a proper passthrough that I eventually shelved but might take another run at someday. Knocking a couple hundred watts off the stack is always welcome.
muusemuuse@sh.itjust.works 2 weeks ago
Well I was going to drop to IDS instead of IPS and that’s good enough for home use. The load numbers on the host were 2 full cores used but that’s the NIC doing paravirtualizarion crap there. In bare metal, top shows nothing but the fans do spin up so it’s not telling me the whole story.
I think swapping to an i350 nic will help but I’m not certain if it will really help enough.