Pfsense in the Fiber world?

voxmagna1

Hi. I've started this thread for general discussion.
Many ISPs now offer Fiber To The Home (FTH) internet access and I've been wondering what impact high fiber speeds will have for routers, firewalls, and switchers? For firewalls and hardware using PfSense, what impact will this have for hardware sustaining high speeds 10-20 Gb/S and where are the bottlenecks? There seems to be a transition at the moment where most ISP provided hardware routers have 1000 BaseT Ethernet connections with some including a fiber port. There are many pros & cons arguing fiber versus Ethernet over CAT6e, but I can see a future where new buildings incorporate fiber. Fiber interfaces are expensive at the moment, but fibre can be safely installed alongside voltage carrying cables which reduces building costs.

I use PfSense installed in an Intel NUC for home routing . High speed NICs are available for routing fiber but I suspect the speed bottleneck will be the PCie card NIC interface, how the host pc manages routing at high fiber speeds and firewall processing speeds?

Is anybody running Pfsense firewall as a first line router on a high speed fiber system, what hardware are you using and what speed?

Gertjan

@voxmagna1 said in Pfsense in the Fiber world?:

Many ISPs now offer Fiber To The Home (FTH) internet access and I've been wondering what impact high fiber speeds will have for routers, firewalls, and switchers? For firewalls and hardware using PfSense, what impact will this have for hardware sustaining high speeds

Most LANs are - afaik, left the 100 Mbits area a long time ago, its all 1 Gbits/sec these days at home, and mostly also SOHO, and somewhat bigger.
Some lucky ones, those avec a big network, hundreds or more devices, could have an internal '10 Gbit/sec' backbone.
But ISPs that go beyond 1 GBit/sec are still are. I guess I won't find one in the town I live (a whopping 4200 people).
So, for our firewalls, routers, etc it's just one more of the mill 1 Gbit sec interface. Already way better as a typical 1 Gbit.sec LAN and a 10 times slower (example) 100 Mbits down and 50 Mbit sec up link.

So no big deal at all.

@voxmagna1 said in Pfsense in the Fiber world?:

There are many pros & cons arguing fiber versus Ethernet over CAT6e

Both have their own specific usages.
Try a repair a fibre connection yourself. Its game over right away.
A fibre connection can be very long - right across the down (if you like digging) isn't a problem..
A CAT6 cable : get one at the local drugs store and you're good - or make your own.
Their is a 100 M or 300 feet limit I guess.

@voxmagna1 said in Pfsense in the Fiber world?:

Is anybody running Pfsense firewall as a first line router

Well, there is this now : Netgate 8300 released… and that's with pfSEnse, I wonder what that does with TNSR ...

stephenw10

@Gertjan said in Pfsense in the Fiber world?:

I wonder what that does with TNSR ...

All the packets!

JonathanLee

WiFi 7 and 6 are beyond 1000mbps

Wi-Fi 7 can reach peak rates of over 40 Gbps

Gertjan

@JonathanLee

"Wifi" == local 'LAN' traffic.
Nice to have a screaming LAN, but what is is worth if nearly all your traffic comes from the Internet using speeds which are ten fold less ?
"Wifi 7" with 40 Gbs, very nice if you want to stream your your 4K movie from your "10 Gbit" NAS.
Calling my ISP and ask them : "Hey, I have 40 Gbps devices now, do you have an offer that can match that speed ?" they will send me a contract to open up a POP interlink. Example. 10 K$ a month ?

Speed is like cars : nice to have that Italien bolide that can de 200+ mph. On your own private circuit, not on the public road. Yeah, cool, driving 200 through you own garden ....

JonathanLee

@Gertjan I would love a high speed VPN with WiFi 7 speeds, I think the highest speed for WAN I can get right now with fiber is 5gbps it is what is listed on the modem some place, again I am not gonna pay for speed just for watching a movie like Skull island with John Goodman, I mean John shouldn’t have died in that movie, you know, anyway it’s as high quality as it gets already with 1gbps. Jurassic Park Jeff Goldblum he is an actor that should have died in that movie with that T-Rex and that building, I mean I was waiting for it, how did he survive that. I went on a tangent here, again who needs speeds that high at home, the quality of stuff is amazing at 1gbps. Again the ISP has started to reach speeds like this for 4k or 5k or something? Long story short John Goodman is an amazing actor I was pissed he died, and Jeff Goldbloom survives a monster attack, I mean really, I am convinced he can’t do a he is eaten scene

Gertjan

@JonathanLee said in Pfsense in the Fiber world?:

I would love a high speed VPN with WiFi 7 speeds

You are aware that a VPN connections needs " a 100 times more CPU cycles " as non VPN traffic per byte send/received ?
This means : 100 more energy needed ... (CO2).

JonathanLee

@Gertjan I did not know that. I know the cipher decipher takes a lot of cycles, but didn’t know it was that high.

voxmagna1

I'm following replies, thanks for answers so far. Fast WiFi? all sounds good on paper, but 5G depends on power level restrictions set by local countries, can't work well within buildings at distance and with obstructions.

The biggest market need for upgrades is happening on the domestic consumer side. High network capacity and reach now has to consider the growth of on-demand video services for TV and games streaming. Big ISP s are investing in fiber to the home to deliver their pay per view or subscription services. Traditional telecoms companies like BT/Openreach are shutting down copper voice circuits and VOIP will become the norm.

Many other consumer services will be carried over fiber in future and the router/firewall will be a key component. For small home networks. Fibre could be used from the house road boundary to a central high speed fiber to Ethernet CAT6e switcher inside the property. Could multiple sub-LANs be created with a PfSense router allocated to those sub LANs requiring protection and controls? I don't know how this could work, unless the switcher authenticates the WAN side connection.

Gertjan

@voxmagna1 said in Pfsense in the Fiber world?:

Fast WiFi? all sounds good on paper, but 5G depends on power level restrictions set by local countries

What has Wifi to do with 5G ?

"Wifi 5G" means "Wifi 5 Generation" and the frequencies are not related at all with the "5G" used by our phones to connect to the 5G phone company network. To use (== send/receive) on the 5G (phone operators) frequencies you have to pay "billions first" (in Europe).
This mix up is even know here where I live : people don't want the latest router box as it says "supports Wifi 5G (and now also 6G)" and they think they get a 5G (phone operator) frequency emitter in their house.
Oh boy .... things are going down hill fast, and be aware : we don't have Fox news here where I live.
For the same reason a 'fibre connection' (edit : by some locals) is boycotted as it is need to support the Wifi 5G speeds.
They say : "Fibre is dangerous ..." ADSL, after all, tops out at 25 Mbits / sec .... so quiet useless to promote the new Wifi 5G 500 Mbits capabilities.
Yeah, a red led flashing led in a plastic hair fine 'tube' can hurt some one ...

stephenw10

@Gertjan said in Pfsense in the Fiber world?:

"Fibre is dangerous .."

Urgh.

voxmagna1

@Gertjan Semantics confusion. Wifi for me is either 2G aka on a 2.4GHz wireless band carrier and 5G is a higher frequency band WiFi carrier 5GHz+, which are radio frequency carrier bands & not digital data rates. Neither are they '2nd 'or '5th' Generation used to describe mobile networks.The higher the carrier frequency band the greater is attenuation of signal through obstacles and free space.

U.K (and USA etc) regulate the maximum power wifi adapters can use in these shared radio frequency bands. If signals are attenuated as they are more rapidly at 5GHz, there is more error correction or frequency hopping and the digital data rate slows down. That's why IMHO Wifi can be unreliable and uncertain for carrying high data rates, unless there's a short unobstructed distance between the link transmitter and receiver. Hope that answers any confusion.

stephenw10

There's a 6GHz band for .ax. Just for added confusion. And others if you count the more obscure protocols; .y .af etc