Google Fiber and AT&T Uverse GigaPower - what do I need?
-
All,
I've done some searching, and there have been some useful and helpful threads. But I haven't gotten a consensus on what's a good solution for me.
Google Fiber has been announced in two locales (Kansas City, MO, and Austin, TX). In reaction, AT&T is bringing "Gigapower" to my Austin suburban neighborhood. Next month I will be getting up to 300Mbit symmetrical service over my FTTP connection (Fiber to my house, GigE Copper from there). Promises of true Gigabit in 2014.
I currently run an ALIX 256MB 2LAN embedded and it doesn't have the throughput I am going to need. But I still love PFSense for managing DHCP and monitoring traffic. So I need something beefier but still quiet and low power.
Now, I realize that most web sites won't push 300Mbit individually. But I don't want to leave any bandwidth that I am paying for on the floor either. I have one daughter that's a power user (heavy YouTube uploader, she's got a channel that she updates frequently) and I'm also pushing a lot of still photos to Flickr on a weekly basis. My wife and I both work from home and in her case, she's dealing with scanned documents in her corporate system, downloading and uploading constantly.
My requirements are as follows:
Silent/Fanless (or as close to silent as I can get it). Will live in a large vented walk-in closet off master bathroom.
Ability to push hundreds of Mbits or full Gbit WAN sideOther Notes:
Might like 3 ethernet for some interesting LAN/WAN/DMZ configuration I might try, but this is flexible
Minimal VPN requirement (I might use it from time to time but no hard bandwidth requirements)
Minimal packages (today I use pfblocker)
With or without traffic shaper (I may not care with high upstream bandwidth)Comments? Would an Intel D2700 pretty much cover it or do I need to step up to the low end of the desktop platforms?
-
300/300 is going to require something faster than an Atom, even just for firewall+NAT.
-
I have another option, but the more complex this gets, the more likely something will go wrong and it will go down when I'm not around (Wife Acceptance Factor).
The line from outside comes into our master bedroom closet. I could send it from there to my office or the garage, and set up the router there, and send it back IN to the main switch via VLAN. I've toyed with setting this up as a VM under my ESXi hosts (done that previously) and using my old ALIX as a CARP failover. That may be the ticket: Slow but working if my ESXi cluster is borked.
The biggest hassle is the transition from where I have it today to the final configuration. Between me, the wife, and my youngest daughter (older is at college), finding free time to reconfig everything and get it right is tough.
-
Yep, the d2700 will likely not do more than 600Mbps (in one direction). Do you actually need 300Mbps up and down simultaneously? As you may have read in other threads you'll need to step up to a low end desktop CPU and that means having a better cooling solution.
You should be able to switch to different network setup in stages. Install and test the cabling first for example.Steve
-
Steve,
Thanks.
As I noted, given a pipe that fast, it's not like I'm going to get 300Mbit from any single connection most of the time. That's basic Internet 101. What I am saying is that if I were to go up all the way to their max speed (who of us wouldn't mind trying it out?), I certainly don't want my pfSense router to be the bottleneck. If I have a 100Mbit capable router, then there's no way I'd pay for 300Mbit service, I'd only pay for 100Mbit service.
As far as testing the alternative network layout: There is VERY little cabling changes involved. I have Cat5e everywhere, and it's capable of Gigabit speeds already (tested). It's all logical changes in the sense that I need to do a couple of different connections in the main closet and then the rest is VLANs. I can map it out on paper all I like, but the day I implement it, I'll be down for the duration while I change all the VLANs and go to a new router configuration for the very first time that will be doing some funky things (like sending a WAN VLAN through a couple of switches to my office, through a PFsense router, then back UP the same wire on a LAN VLAN to the same closet for distribution to the rest of the house). I'll probably be walking back and forth between switches with a laptop making changes with direct attached cables.
-
Hmm, sounds like fun! Easy to make a mistake and incur the wrath of your users though. ;)
There are some passive cooling solutions for low end i3s or similar but they aren't cheap.Steve
-
Yup. I really need to send the ladies off for a spa weekend somewhere and then tear my network apart and put it back together!
-
If you don't mind me asking, what part of Austin are you in? I live in the Milwood area in Rattan Creek in MW and have not been able to get a straight answer from AT&T about GigaPower. I got Uverse as soon as it was available in my neighborhood and have been happy with it but with the news of Google Fiber and then GigaPower right after that, I wondered how long it would take.
-
Honestly your requirements are a little bit ridiculous. You want a fanless passively cooled system that will handle 300+ Mb/s throughput? You can't even do that with ASIC devices. Find a closet you can put a small server in. Even a dual core AMD with 8 GB of RAM will do the job.
-
I disagree. A passively cooled atom will firewall 300Mbps easily, in one direction. If you need to run other services like squid or snort then, yes, you'll need something a lot more powerful. Even so there are passive cooling solutions for 35W cpus for a reasonable cost, the Akasa Euler for example.
Steve
-
300/300 is going to require something faster than an Atom, even just for firewall+NAT.
Not really, no.
-
Honestly your requirements are a little bit ridiculous. You want a fanless passively cooled system that will handle 300+ Mb/s throughput? You can't even do that with ASIC devices.
LOL ;)
Even the 7541 (dual core Atom D525) does 1Gbps throughputs.
-
Google Fiber has been announced in two locales (Kansas City, MO, and Austin, TX). In reaction, AT&T is bringing "Gigapower" to my Austin suburban neighborhood. Next month I will be getting up to 300Mbit symmetrical service over my FTTP connection (Fiber to my house, GigE Copper from there). Promises of true Gigabit in 2014.
You are aware that ESF is located in Austin, right?
Chris lives here (currently on AT&T at home). I live here (currently on Grande at home, AT&T FTTH in my neighborhood.)
The office is next door to what used to be CoreNAP (now zColo), and we run a 10Gbps fiber between our rack there and the office.Gimme moar bandwidth. ;D ;D ;D
-
@gonzopancho:
Even the 7541 (dual core Atom D525) does 1Gbps throughputs.
Really?
I've not tested an atom for throughput but I know that many others have tried and failed to get close to Gigabit. I'm aware that you guys have done testing on that box so I'm sure you know better than me what it's capable of. How did you test it for Gigabit throughput? Most other users seem to top out at ~600Mbps.Steve
Edit: typo
-
sorry, my mind is going. Happens when you age. :-X
In brief testing, with a standard ruleset, the alix passed 85 Mpbs, the 7541 passed 500 Mbps, and pfSense running in a VM running on a Dell R200 R200 passed 850 Mbps.
-
@gonzopancho:
300/300 is going to require something faster than an Atom, even just for firewall+NAT.
Not really, no.
In my experience, no Atom, including the D2800 I have at home with i350 NICs, can FW+NAT more than 500-600Mbit/s. I haven't tried the current gen, but that has more to do with the fact that none of the NICs will work under FreeBSD 8.3. I suspect they'd be able to push 1Gbit/s or more through FW+NAT given the strong increase in IPC the reviews are reporting but we may not be able to actually test with pfSense until the FreeBSD 10 move.
-
Honestly your requirements are a little bit ridiculous. You want a fanless passively cooled system that will handle 300+ Mb/s throughput? You can't even do that with ASIC devices. Find a closet you can put a small server in. Even a dual core AMD with 8 GB of RAM will do the job.
I've built a i3-3220T + DQ77KB in an akasa euler thin-itx fanless case, it is rated to 35W TDP cpus. Dual intel NIC onboard, with some DIY on the backplate you could put another one or two GbE ports from a minicard.
I believe it can do more depending on environment and the very conservative TDP intel uses on recent cpus, so if you really need something faster the 45W quad core E3 1265Lv2 is quite powerful though not cheap.
So far I have not seen a haswell thin-itx as it would be nice to get AES-NI at i3 prices, and the intel DQ77KB is hard to find at a fair price. (also a caveat about certain NICs not being supported properly, 82576 = no, i350 = single channel ram issue)
There are also some passive cases coming out for NUCs, if you can figure out a way to have two physical ports* with a dongle NIC that doesn't suck those could be quite nice.
(*without doing the Very Bad Idea
of using only VLANs on a switch to separate WAN from LAN) -
Just go for a simple i3 with 4GB RAM config. You should be good for years. Check out the latest Haswell processor and motherboard compatibility (If I am not mistaken, its on these forums somewhere.. folks have done it). Stick a passive heat sink on it and it should be quiet enough.
-
@gonzopancho:
300/300 is going to require something faster than an Atom, even just for firewall+NAT.
Not really, no.
In my experience, no Atom, including the D2800 I have at home with i350 NICs, can FW+NAT more than 500-600Mbit/s. I haven't tried the current gen, but that has more to do with the fact that none of the NICs will work under FreeBSD 8.3. I suspect they'd be able to push 1Gbit/s or more through FW+NAT given the strong increase in IPC the reviews are reporting but we may not be able to actually test with pfSense until the FreeBSD 10 move.
You seem to have missed the part where we have several of these in-house now.
-
@gonzopancho:
@gonzopancho:
300/300 is going to require something faster than an Atom, even just for firewall+NAT.
Not really, no.
In my experience, no Atom, including the D2800 I have at home with i350 NICs, can FW+NAT more than 500-600Mbit/s. I haven't tried the current gen, but that has more to do with the fact that none of the NICs will work under FreeBSD 8.3. I suspect they'd be able to push 1Gbit/s or more through FW+NAT given the strong increase in IPC the reviews are reporting but we may not be able to actually test with pfSense until the FreeBSD 10 move.
You seem to have missed the part where we have several of these in-house now.
Several of what? I don't know what you're talking about when you reference "these". I just skimmed the thread again and aside from some benchmark numbers you posted for an older Atom, I don't see you mentioning having anything specific in-house. If you've got one of the new 8-core atoms working, NICs and all, please post up some numbers; I'd love to see them.
