4100/6100 Base or Max
-
@Gertjan
So here is my CPU graph after switching to python mode, ditching AdsBasic and tweaking the feeds:
Here are my current feeds:
So my feeds list now consists of the entire PRI1 list, a custom ingress list for my home NAS email server (not in use atm), about 6 GeoIP countries and the EasyList.
At this point the CPU load is below 5% average which seems very doable, so I'm swinging back to the 2100 which appears to be quite adequate for this load.
-
When you buy a 'base' rather than a Max it is a trivial task to add a suitable SSD. It would take a number of lifetimes to exceed the physical write life of my NVMe.
You know, I don't think I ever set Python mode... I will have to check and adjust if required.
️ -
@JonathanLee and to all in this topic:
I decided to give the SG-2100 a chance, mostly based on @JonathanLee 's recommendation and personal experience.
I went with the SSD model.
When I ordered Netgate just released the new SG-2100 with 128GB SSD and my unit in fact came with the larger drive.No issues so far and idling away at < 3% user util. RAM used 14% of 3388GB.
My ISP upped the cable internet to 400 down / 50 up (from 200/40). Speed tests don't make the SG-2100 sweat.
Power draw 5W steady, peaking to 6W incidentally, on a cheap smart plug in Home Assistant.
I have two weeks to evaluate and if I should prefer the 4100 I can return the 2100 under €25 restocking fee. So far no reason to.
Thanks,
-
@RobbieTT Hello, did you buy the ssd separately? I still couldn’t find a suitable, reliable company. Now I regret that I took it without ssd(. So far I’m only using suricata, I took netgate 6100 base
-
There are lots of SSD options out there (B & M) key, ideally without a DRAM cache. I have Intel Optane in mine - in terms of latency and small read/writes it is way faster than the router could use and has a write-lifetime that will exceed my life remaining!
You don't need a large drive, I ran mine with a 16GB Optane (~ £10) for a bit before using a 64GB (~£50) one:
The 32GB Optane is probably the sweet-spot for pfSense use with Suricata (~£24) when purchased new. I just use used the drive sizes I had kicking around. For non-optane SSD I would go for a 128GB or 256GB drive to get a reasonable lifetime out of it.
️ -
@RobbieTT said in 4100/6100 Base or Max:
There are lots of SSD options out there (B & M) key, ideally without a DRAM cache. I have Intel Optane in mine - in terms of latency and small read/writes it is way faster than the router could use and has a write-lifetime that will exceed my life remaining!
You don't need a large drive, I ran mine with a 16GB Optane (~ £10) for a bit before using a 64GB (~£50) one:
The 32GB Optane is probably the sweet-spot for pfSense use with Suricata (~£24) when purchased new. I just use used the drive sizes I had kicking around. For non-optane SSD I would go for a 128GB drive to get a reasonable lifetime out of it.
️I live in a city where I haven’t found a single ssd pcie key b+m, there is no talk of other parameters. The only available option is yours, MEMPEK1J064GA. I always use suricata actively. ntopng, squid+squidguard, I rarely use it, I may run haproxy in the future.
-
@Stef93 I cannot remember the last time I used a physical store for HDDs or SSDs. Probably not helped by the fact that my 'city' hasn't been the capital of England for a little over a 1000 years!
️ -
Winchester ? ( ! )
-
@Gertjan said in 4100/6100 Base or Max:
Winchester ? ( ! )
No, that was about 150 years earlier and Alfred was only the King of Wessex, rather than of England. Not a bad effort from a non-Englishman though.
That said, around that time Britain included a good chunk of modern-day France.
️ -
@RobbieTT said in 4100/6100 Base or Max:
@Gertjan said in 4100/6100 Base or Max:
Winchester ? ( ! )
No, that was about 150 years earlier and Alfred was only the King of Wessex, rather than of England. Not a bad effort from a non-Englishman though.
That said, around that time Britain included a good chunk of modern-day France.
️I would have guessed Winchester as well, which as I understand transformed into the capital of the whole of England, under the House of Wessex, some time after Alfred's passing. But if not Winchester, could it be Westminster?
-
@Cabledude
Think of the king that actually managed some peace, despite it all being recently glued together. Oh and demonstrated his limitations to his subjects by demonstrating that he could not hold back the tide. Also the one where history rearranged his name to avoid the 'c' word... -
@JonathanLee said in 4100/6100 Base or Max:
@Cabledude It is great the only time I see it MAX out on it is on system start up, reboots. Snort rebuilds take up some CPU and ram when that occurs too.
It is impressive to see this processor run with some good code like pfSense.
@JonathanLee I went with the SG-2100. The performance in terms of WAN throughput and routing is adequate but invoking the dashboard can take a lot of seconds:
-
3.5 seconds with "System Information" widget only
-
every additional widget makes dash load time increase by about a second
-
My usual dashboard widget layout takes 11 seconds to load. This is with SI, Disks, pfBlockerNG, Gateways, Interfaces, Services Status, ZFS and Traffic Graphs.
For comparison: my friend's SG-4100 dashboard takes 2 seconds to load and he has the same widgets that I have.
Is my dashboard load time similar to yours? Could you please either confirm or share your unit's behaviour? I am wondering if I got a melon or if this is normal for this model.
If it is normal I don't consider it to be a huge problem.Thanks a lot in advance!
Pete
Home: SG-2100 + UniFi + Synology. SG-1100 retired
Parents: SG-1100 + UniFi + Synology
Testing: SG-1100 w/ 120GB SSD via ext USB (eMMC dead). Works great -
-
@Cabledude
I'm not @JonathanLee
But I have and actively use Netgate 6100 Base (by the way, I bought an intel optane 64gb, it’s already waiting for me, I need to install it)
I can confirm that it takes a long time to load)
upd. there are a lot of widgets, a lot of things are spinning -
Thank you @Stef93. Are you saying your SG-6100 takes 10 seconds to load the dash?
Pete
Home: SG-2100 + UniFi + Synology. SG-1100 retired
Parents: SG-1100 + UniFi + Synology
Testing: SG-1100 w/ 120GB SSD via ext USB (eMMC dead). Works great -
@Cabledude
4-6s -
@Stef93 thank you. Then my 11 seconds is likely to be considered normal for the much lesser specc'ed CPU of the SG-2100.
Still curious that your 6100 takes 4-6 seconds where my friend's 4100 takes only 2 seconds. His widget list is:
- System Information, pfBlockerNG, Gateways, Interfaces, Services Status and Traffic Graphs
Good chance your 6100 has more widgets or some other kind that waits for info to load ("spinning")
-
@Cabledude
System Information, pfBlockerNG, Gateways, Interfaces, Services Status, Traffic Graphs x5
+
OpenVPN, Dynamic DNS Status, Ipsec, Disks -
There is a specific fix coming for the 6100/8200 that speeds up the dashboard loading if you have the interfaces widget there and don't have any SFP modules loaded.
It's in 23.09: https://redmine.pfsense.org/issues/13911Steve
-
My 6100 with Optane takes 1.91 seconds to load the dashboard over wifi.
My Xeon-D, also with Optane, takes 1.71 seconds over wifi:
I have a pretty busy dashboard and with live graphing, so it never really stops. Of course, with caching enabled and on a wired connection it will be quicker. My LAN uses SFP+ in both cases above.
-
@stephenw10 Hi Steve, can you confirm SG-2100 dash load time being as high as mine given these widgets:
System Information: 3,5 seconds
Disks: + 1.5 seconds
pfBlockerNG: + 0.75 seconds
Gateways: + 0.3 seconds
Interfaces: + 1.5 seconds
Services Status: + 2 seconds
ZFS: + 1 second
Traffic Graphs: +0.5 seconds
