====== Performance ======

  * [[https://docs.opnsense.org/troubleshooting/performance.html|Performance]]
  * [[https://medium.com/@truvis.thornton/opnsense-firewall-configuration-performance-tuning-for-multi-gigabit-internet-and-better-speeds-in-cfc80c49c544|OpnSense Firewall Configuration: Performance Tuning for Multi-Gigabit Internet and better speeds in general
Truvis Thornton]]

===== sysctl =====

  * **hw.ibrs_disable=1** 	Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)
  * **vm.pmap.pti=0** 	Page Table Isolation (Meltdown mitigation, requires reboot.)
  * **net.isr.maxthreads=-1** (was 1 thread) This uncaps the amount of CPU’s which can be used for netisr processing. By default this aspect of the network stack on FreeBSD seems to be single threaded. Default -1 is 1 thread per cpu.
  * **net.isr.bindthreads=1** This binds each of the ISR threads to 1 CPU core, which makes sense to do since we are launching one per core.