I just found a solution to a problem I've been having with OPNSense where I wasn't getting the full 'Gig-fibre' download speeds and I thought I'd post here in case anyone else has the same problem in future.

I have a 'Mini-PC + Multi NIC' style firewall running OPNSense, but this is probably relevant to PFSense as well.

When I first installed it I was only getting ~750MBit downloads and I wasn't sure why.

The short version on how I resolved this is I enabled 'RSS (Receive Side Scaling)'.

The documentation to setup this up on OPNSense is here.

I would highly recommend reading through and understanding the documentation before making any changes as there are couple of gotchas which may result in bad things happening if you're not aware.

Also, the process is a bit convoluted and difficult to get your head around, so pre-reading would be helpful in that regard as well.

Basically what RSS does is allow workloads to be assigned to multiple CPU cores vs the default of only core 0.

The 'Core 0 Only' default is there due to potential compatibility issues; not all hardware supports RSS.

My download speeds were being capped due to the fact that RSS was off and core 0 was maxxing out.

After enabling RSS, the CPU load was spread across multiple cores and I'm getting a perfect 940/520MBit Speedtest result, all day, every day.

Hope this helps someone, somehow, somewhere, sometime!

Sam.