Advantages to Plus

michmoor

@Patch who’s accelerating?
I purchased 15x 6100s…I’m not a paying customer? Are you ok? You need some therapy bud

RobbieTT

@michmoor said in Advantages to Plus:

@RobbieTT Im thinking in terms of the future. At some point in the future plus will be $129/yr.
Is QAT or boot environments really worth that? Doesnt seem like the proper value add. The reason they will charge is that they expect growth and an increase in revenue. Thats fine. But in order to get that increase you need buy-in from customers and at the end of the day I dont think there is any powerful enough marketing to say "Pay us and get QAT".

I think my point is that different users will have a different reason to select pfSense Plus, or indeed not to.

The good thing about this change is that Netgate remains committed to the free version (as they should be with a nod towards both development and probably OPNSense), providing Plus for free for individuals or lab use and providing it as part of a Netgate hardware purchase.

The price you suggest would equate to what a 6100 Max would cost over 7 years. It does not seem like a mad price to me, especially with the free or limited use options still available.

️

michmoor

@RobbieTT Oh for sure. My question was really geared toward the value add proposition for Plus. Considering CE and Plus differences are very minor im hoping in the future plus users get more exclusive features because of the proposed charge.

RobbieTT

@michmoor
It's hard to know the future but for me the end of the Netgate experience may be due to the BSD handicap with high-bandwidth PPPoE, rather than a 'must-have' feature.

PPPoE WANs are pretty common in Europe and relying on a single core under BSD is probably a dead-end for Netgate hardware, with or without the Plus.

️

michmoor

@RobbieTT yep good point. Don’t think they will be moving to a Linux based pfSense anytime soon. So where will you go next?

RobbieTT

@michmoor No idea as to the next path. I'm still pretty new to pfSense having leapt from EdgeRouters, but I did so knowing of the PPPoE limitation and that the 6100 would be the minimum required for my needs.

I think I may be able to squeeze 1.4 Gbps through the 6100, which will probably be ok for the next 2 years or so. Of course, I'd like to be able to run more demanding packages too but BSD vs PPPoE makes this impossible.

What made the 6100 even a contender for my use was QAT. The offloading provided by it keeps the router relevant, along with the good selection of interfaces. I also prefer to pay for firewall/routers rather than rolling my own - it makes the compliance process considerably easier.

Of course, there is always hope that with BSD pulls something out of the bag or that PPPoE is dropped from the likes of the UK Openreach network... no breath is being held for either though.

️

rcoleman-netgate

@RobbieTT said in Advantages to Plus:

I did so knowing of the PPPoE limitation and that the 6100 would be the minimum required for my needs.

We have many reports of PPPoE speeds on devices exceeding 800mbps on ~1Gbps service lines.

I have 960Mbps Lumen FTTH that is VLAN'd PPPoE and I get full service speed on a 7100. A coworker is getting 800Mbps on the same service with a 2100.

RobbieTT

@rcoleman-netgate said in Advantages to Plus:

We have many reports of PPPoE speeds on devices exceeding 800mbps on ~1Gbps service lines.

Oh for sure - I am one of them and have also posted positively on this forum.

I run a PPPoE 1 Gbps FTTP service via a 2.5 GbE ONT with FQ_CoDel on upload and download, pfBlockerNG plus some minor services, with a mixed IPv4/IPv6 environment (heavy on the IPv6 side) and LAN and VLANs in a RoS configuration on a single SFP+ (10GbE) interface. When running at the full 920+ Mbps the single core is ~80% loaded, so I currently have some CPU headroom.

Running the above on a synthetic local PPPoE load it seems to top-out at ~1.2 to 1.4 Gbps. My ISP is moving to a 2 Gbps+ service (an actual 1.8 Gbps) later this year; so from then I will be leaving bandwidth on the table.

Ideally I would also be running Suricata and ntopng as additional packages but I just don't have the CPU performance needed for PPPoE.

I should add the other performance metric of note - QAT offloaded IPsec is just epic. I am also trying to tune my PPPoE performance further:

I mean, who amongst us doesn't like to breakout the testing and see how far we can push Netgate & pfSense?

️

rcoleman-netgate

@RobbieTT said in Advantages to Plus:

I mean, who amongst us doesn't like to breakout the testing and see how far we can push Netgate & pfSense?

.... A number of months back I requested allocation of some extra hardware so I could reasonably test 10Gbps PPPoE in the lab.
As of yet... it has not been approved -- but I'm just a TAC support grunt and not in the engineering department nor do I do any testing outside of redmines and future releases.

RobbieTT

@rcoleman-netgate said in Advantages to Plus:

As of yet... it has not been approved --

That's unfortunate but there could be business decisions behind it. Netgate does not engage that hard with the European market or make any real effort to market their products here in the UK.

The UK distributers don't exactly push the products either; one of them actively avoids calls when it comes to Netgate hardware, whilst the other openly comments that Netgate prices are just too high when compared to those in the US market.

Still, pfSense and Negate do have an established customer base here so perhaps resources may become available at some point to look at markets dogged by PPPoE vs FreeBSD. Upstream changes are more challenging but I remain convinced that more can be done with tuning behind the scenes, triggered by the end-user when they select the PPPoE option on the GUI.

One thing for certain is that high-bandwidth PPPoE is being deployed rapidly in some countries - the problem is only getting bigger.

️