Tuning OpenBSD for desktop usage

Over the past years, there has been a major increase in OpenBSD desktop users. No wonder, as the operating system offers a clean 'n mean base for the ultimate workflow. Don't worry about entertainment options, there is even a community dedicated to gaming on OpenBSD. There are some neat tweaks, to tune the performance of OpenBSD for desktop usage that I'd like to share.

Disk performance

By editing /etc/fstab and adding two options (noatime,softdep), the disk performance can be increased. Add the options after rw, as done in the following example:

[identifier].b none swap sw
[identifier].a / ffs rw,noatime,softdep 1 1
[identifier].k /home ffs rw,noatime,softdep,nodev,nosuid 1 2
[identifier].d /tmp ffs rw,noatime,softdep,nodev,nosuid 1 2
[identifier].f /usr ffs rw,noatime,softdep,nodev 1 2
[identifier].g /usr/X11R6 ffs rw,noatime,softdep,nodev 1 2
[identifier].h /usr/local ffs rw,noatime,softdep,wxallowed,nodev 1 2
[identifier].j /usr/obj ffs rw,noatime,softdep,nodev,nosuid 1 2
[identifier].i /usr/src ffs rw,noatime,softdep,nodev,nosuid 1 2
[identifier].e /var ffs rw,noatime,softdep,nodev,nosuid 1 2

This requires a reboot in order to be active - but don't do so just yet, as we have more tuning to do.

Resource allocation

OpenBSD is rather conservative with the default resource allocation, which is a good thing. Depending on your hardware and usage, you might want to tweak these settings. Browsers, java applications (yikes!) and games tend to be especially memory hungry. The resource allocations can be configured globally or per group/user in /etc/login.conf. I am the sole user for both my notebook and workstation, so I tend to change the global defaults:

default:\
        :path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
        :umask=027:\
        :datasize-max=8192M:\
        :datasize-cur=1024M:\
        :maxproc-max=512:\
        :maxproc-cur=128:\
        :openfiles-max=8192:\
        :openfiles-cur=4096:\
        :stacksize-cur=4M:\
        :localcipher=blowfish,a:\
        :tc=auth-defaults:\
        :tc=auth-ftp-defaults:

The most relevant part are the datasize settings, as this sets the amount of RAM that an application is allowed to consume. As you might notice, I have very high limits set. This configuration comes from my workstation, with 64GB RAM. Perhaps a more sane setting would be 2048M as the maximum and 1024M as the soft limit (-cur). It's worth looking at the maxproc and openfiles limits as well.

Kernel tweaking

OpenBSD 6.4 ships with hyperthreading disabled by default, due to Intels clusterfucks. Personally, I don't change this due to my no-compromises attitude on security. It is even argued that HT could slow down performance in some situations. So FFS, let's not change this. But what we can do, is increase performance even further via some kernel tweaks. These lines go in /etc/sysctl.conf:

machdep.allowaperture=1

kern.maxvnodes=768000
kern.maxfiles=32768
kern.maxclusters=256000
kern.seminfo.semmni=1024
kern.seminfo.semmns=4096
kern.shminfo.shmmax=805306368
kern.shminfo.shmall=32768
kern.bufcachepercent=90

net.inet.ip.maxqueue=2048
kern.somaxconn=2048
net.bpf.bufsize=2097152
net.bpf.maxbufsize=4194304
net.inet.ip.portfirst=32768
net.inet.ip.portlast=49151
net.inet.ip.porthifirst=49152
net.inet.ip.porthilast=65535
net.inet.ip.ifq.maxlen=256
net.inet.ip.mtudisc=0

The allowaperture setting is for the desktop environment. Depending on your window manager, it might be required to set this to 2. The kern. settings increase caching, buffering and performance. The last paragraph changes the network parameters, thus increasing the network performance. Read more in-depth info on network tweaking on Calomel.org and about bufferbloat on PaulAdamSmith.com.

Final words

These tweaks allow increasing the performance greatly, but are dependent on individual usage. As always, feedback is greatly appreciated, as are questions and sharing your own settings. Find me on Mastodon, Twitter or via e-mail.