Interstellar Posted January 20, 2018 Share Posted January 20, 2018 I've just updated to 6.4.0 with the Spectre/Meltdown 'patches' (from rc15a IIRC) and have discovered that when I'm now hammering my connection, I get the best part of 40% CPU usage at ~25MB/sec (220Mbits give or take) when I used to hover around 15%. I've removed cores 2-3, 6-7 from general use via syslinux.cfg and assigned pfsense to 3 and 7 (I.e. core 4 + it's HT thread), so pfsense has its own 'core'. If I were to extrapolate from 220Mbits to 1Gbit (which may happen before I update the server) means that potentially my setup is no longer capable of running such a connection on one dedicated core. Currently not happy that I can loose such a chunk of performance in one fell swoop, (from reading up on the subject I'm of the opinion that if someone has gained access to my server that this bug is the least of my worries!!!) Hardware is a Supermicro X10-SLL and a E3-1230 v3. It had a microcode update back in nov... "microcode: microcode updated early to revision 0x23, date = 2017-11-20". Edit Seems Intel released another one: 20180108, wonder when I'll get that! So I was wondering what anyone else has seen performance wise pre and post patches? Link to comment
DZMM Posted January 20, 2018 Share Posted January 20, 2018 Mine hasn't changed from sub 15% usage (2 cores assigned) Link to comment
Interstellar Posted January 21, 2018 Author Share Posted January 21, 2018 What hardware are you running? Intel I assume? Cheers. Link to comment
DZMM Posted January 21, 2018 Share Posted January 21, 2018 yep - Xeon E5-2683 V3. Full spec in signature. I've been watching the usage for a few mins now and occassionally it spikes at around 25-30%, but drops back down sub 10%. Do you have a lot of traffic going through a VPN? If not, maybe it's a rogue package. Link to comment
1812 Posted January 21, 2018 Share Posted January 21, 2018 no particular problem. and here's the fun part: once pfsense updates to include the fix, it may slow down even more for you! Link to comment
Interstellar Posted January 22, 2018 Author Share Posted January 22, 2018 On 21/01/2018 at 11:55 AM, DZMM said: yep - Xeon E5-2683 V3. Full spec in signature. I've been watching the usage for a few mins now and occassionally it spikes at around 25-30%, but drops back down sub 10%. Do you have a lot of traffic going through a VPN? If not, maybe it's a rogue package. Nope - just by doing thinkbroadband's new speed test which maxes out my connection results in that kind of level. Can we disable the patch? (If they've got to my server already I doubt this will make much of a difference!) Link to comment
1812 Posted January 22, 2018 Share Posted January 22, 2018 after re-reading your post, I don't think this is a patch issue, and I'll tell you why: you've isolated the cores from unraid, which is the patched os. unRaid doesn't touch them. Only pfsense uses them and since it is currently unpatched (afaik,) then the patch can't be the issue. unless you're somehow maxing out emulator functions for the vm pinned to another single core, which would be affected. that is, unless my understanding of core isolation is flawed. perhaps your issue lies elsewhere.... Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.