Ubiquiti edgerouter lite support?
-
Someone was able to get FreeBSD running on Ubiquiti's Edgerouter Lite:
http://bsdfeed.com/discussion/180344/ubiquiti-edgerouter-lite-works-multi-user-with-current-
Nice! though it sounds like it may still be a ways away from actually being in a state that could run pfSense. His install process seems a bit complex […]
FYI, Juli Mallett (http://people.freebsd.org/~jmallett/) is female.
-
I'm looking forward to the port, I'm fooling with mine now that I got the latest firmware into it and there are many missing features and aggravations compared to pfSense.
-
You teasing the forum again Gonzopancho? ;)
Support for alternative architectures, of any sort, is awesome. It will be very interesting to see how this performs without the FPGA/proprietary module. The link above gives just one figure for anything: 112Mbps over a single NIC. No doubt that could be improved with some polishing. Looking forward to more results… :)Steve
-
Gonzopacho, I did not mean to offend you, very sorry if I did. I only posted the link for the guy who said it was hard to install and anyone else interested, not to impugn your hard work in any way.
-
Thanks gonzo, I didn't mean to imply that there was any rush or pressure, and I do understand those FreeBSD 10 pfSense 2.2 issues - there would be completely no point in even attempting to backport such a thing to FreeBSD 8.3 pfSense 2.1! I had just looked at the hardware specs and particularly noticed the wide range DC input of the bottom-end box.
-
everyone, I'm not offended.
Potentially, things won't be too bad:
http://community.ubnt.com/t5/EdgeMAX/Tolly-report/m-p/328234/highlight/true#M1794
-
Could you tell a little bit more what you know about the hardware crypto support? I installed FreeBSD on mine and /dev/crypto seems to speed up AES by 2x. Is there more hardware on there that needs support? Or only more proprietary/FPGA stuff or something?
-
2X seems pretty good. It depends on what you hand to the processor, of course.
I have the timings for a CN5230-700-SCP (similar, but 4 cores, instead of the 2 core in the ERL) handy:
% ./cryptotest -d cryptocteon -a aes 131072 16 32 64 128 256 512 1024 2048 4096 8192 16384 65536
2.660 sec, 262144 aes crypts, 16 bytes, 1576866 byte/sec, 12.0 Mb/sec
2.704 sec, 262144 aes crypts, 32 bytes, 3102746 byte/sec, 23.7 Mb/sec
2.631 sec, 262144 aes crypts, 64 bytes, 6376600 byte/sec, 48.6 Mb/sec
3.015 sec, 262144 aes crypts, 128 bytes, 11127423 byte/sec, 84.9 Mb/sec
3.294 sec, 262144 aes crypts, 256 bytes, 20374218 byte/sec, 155.4 Mb/sec
3.896 sec, 262144 aes crypts, 512 bytes, 34448261 byte/sec, 262.8 Mb/sec
5.240 sec, 262144 aes crypts, 1024 bytes, 51225481 byte/sec, 390.8 Mb/sec
7.921 sec, 262144 aes crypts, 2048 bytes, 67775915 byte/sec, 517.1 Mb/sec
13.078 sec, 262144 aes crypts, 4096 bytes, 82104791 byte/sec, 626.4 Mb/sec
34.394 sec, 262144 aes crypts, 8192 bytes, 62437704 byte/sec, 476.4 Mb/sec
61.838 sec, 262144 aes crypts, 16384 bytes, 69454744 byte/sec, 529.9 Mb/sec
222.462 sec, 262144 aes crypts, 65536 bytes, 77226068 byte/sec, 589.2 Mb/sec% ./cryptotest -d cryptocteon -z 10000
0.207 sec, 20000 des crypts, 8 bytes, 771672 byte/sec, 5.9 Mb/sec
0.204 sec, 20000 des crypts, 16 bytes, 1569074 byte/sec, 12.0 Mb/sec
0.207 sec, 20000 des crypts, 32 bytes, 3090802 byte/sec, 23.6 Mb/sec
0.204 sec, 20000 des crypts, 64 bytes, 6280452 byte/sec, 47.9 Mb/sec
0.231 sec, 20000 des crypts, 128 bytes, 11065772 byte/sec, 84.4 Mb/sec
0.261 sec, 20000 des crypts, 256 bytes, 19648853 byte/sec, 149.9 Mb/sec
0.316 sec, 20000 des crypts, 512 bytes, 32406704 byte/sec, 247.2 Mb/sec
0.437 sec, 20000 des crypts, 1024 bytes, 46846443 byte/sec, 357.4 Mb/sec
0.683 sec, 20000 des crypts, 2048 bytes, 59981783 byte/sec, 457.6 Mb/sec
1.149 sec, 20000 des crypts, 4096 bytes, 71267814 byte/sec, 543.7 Mb/sec
2.934 sec, 20000 des crypts, 8192 bytes, 55844823 byte/sec, 426.1 Mb/sec
0.209 sec, 20000 3des crypts, 8 bytes, 766956 byte/sec, 5.9 Mb/sec
0.210 sec, 20000 3des crypts, 16 bytes, 1523084 byte/sec, 11.6 Mb/sec
0.209 sec, 20000 3des crypts, 32 bytes, 3065589 byte/sec, 23.4 Mb/sec
0.210 sec, 20000 3des crypts, 64 bytes, 6088686 byte/sec, 46.5 Mb/sec
0.238 sec, 20000 3des crypts, 128 bytes, 10757704 byte/sec, 82.1 Mb/sec
0.267 sec, 20000 3des crypts, 256 bytes, 19188391 byte/sec, 146.4 Mb/sec
0.322 sec, 20000 3des crypts, 512 bytes, 31841588 byte/sec, 242.9 Mb/sec
0.438 sec, 20000 3des crypts, 1024 bytes, 46730998 byte/sec, 356.5 Mb/sec
0.681 sec, 20000 3des crypts, 2048 bytes, 60152408 byte/sec, 458.9 Mb/sec
1.148 sec, 20000 3des crypts, 4096 bytes, 71336390 byte/sec, 544.3 Mb/sec
2.931 sec, 20000 3des crypts, 8192 bytes, 55898496 byte/sec, 426.5 Mb/sec
0.204 sec, 20000 aes crypts, 16 bytes, 1568774 byte/sec, 12.0 Mb/sec
0.204 sec, 20000 aes crypts, 32 bytes, 3139240 byte/sec, 24.0 Mb/sec
0.205 sec, 20000 aes crypts, 64 bytes, 6231986 byte/sec, 47.5 Mb/sec
0.230 sec, 20000 aes crypts, 128 bytes, 11135373 byte/sec, 85.0 Mb/sec
0.253 sec, 20000 aes crypts, 256 bytes, 20260538 byte/sec, 154.6 Mb/sec
0.299 sec, 20000 aes crypts, 512 bytes, 34257345 byte/sec, 261.4 Mb/sec
0.401 sec, 20000 aes crypts, 1024 bytes, 51065570 byte/sec, 389.6 Mb/sec
0.603 sec, 20000 aes crypts, 2048 bytes, 67874353 byte/sec, 517.8 Mb/sec
0.996 sec, 20000 aes crypts, 4096 bytes, 82248583 byte/sec, 627.5 Mb/sec
2.628 sec, 20000 aes crypts, 8192 bytes, 62340145 byte/sec, 475.6 Mb/sec
0.210 sec, 20000 aes192 crypts, 16 bytes, 1524238 byte/sec, 11.6 Mb/sec
0.208 sec, 20000 aes192 crypts, 32 bytes, 3073451 byte/sec, 23.4 Mb/sec
0.209 sec, 20000 aes192 crypts, 64 bytes, 6117903 byte/sec, 46.7 Mb/sec
0.236 sec, 20000 aes192 crypts, 128 bytes, 10838364 byte/sec, 82.7 Mb/sec
0.258 sec, 20000 aes192 crypts, 256 bytes, 19828438 byte/sec, 151.3 Mb/sec
0.310 sec, 20000 aes192 crypts, 512 bytes, 33049209 byte/sec, 252.1 Mb/sec
0.414 sec, 20000 aes192 crypts, 1024 bytes, 49462745 byte/sec, 377.4 Mb/sec
0.632 sec, 20000 aes192 crypts, 2048 bytes, 64853636 byte/sec, 494.8 Mb/sec
1.044 sec, 20000 aes192 crypts, 4096 bytes, 78501044 byte/sec, 598.9 Mb/sec
2.720 sec, 20000 aes192 crypts, 8192 bytes, 60235516 byte/sec, 459.6 Mb/sec
0.208 sec, 20000 aes256 crypts, 16 bytes, 1537796 byte/sec, 11.7 Mb/sec
0.209 sec, 20000 aes256 crypts, 32 bytes, 3059829 byte/sec, 23.3 Mb/sec
0.205 sec, 20000 aes256 crypts, 64 bytes, 6236449 byte/sec, 47.6 Mb/sec
0.232 sec, 20000 aes256 crypts, 128 bytes, 11014922 byte/sec, 84.0 Mb/sec
0.262 sec, 20000 aes256 crypts, 256 bytes, 19547506 byte/sec, 149.1 Mb/sec
0.316 sec, 20000 aes256 crypts, 512 bytes, 32439453 byte/sec, 247.5 Mb/sec
0.427 sec, 20000 aes256 crypts, 1024 bytes, 47990177 byte/sec, 366.1 Mb/sec
0.655 sec, 20000 aes256 crypts, 2048 bytes, 62559948 byte/sec, 477.3 Mb/sec
1.090 sec, 20000 aes256 crypts, 4096 bytes, 75147759 byte/sec, 573.3 Mb/sec
2.807 sec, 20000 aes256 crypts, 8192 bytes, 58366681 byte/sec, 445.3 Mb/sec
0.105 sec, 10000 md5 crypts, 8 bytes, 760948 byte/sec, 5.8 Mb/sec
0.104 sec, 10000 md5 crypts, 16 bytes, 1542124 byte/sec, 11.8 Mb/sec
0.097 sec, 10000 md5 crypts, 32 bytes, 3302305 byte/sec, 25.2 Mb/sec
0.110 sec, 10000 md5 crypts, 64 bytes, 5832445 byte/sec, 44.5 Mb/sec
0.117 sec, 10000 md5 crypts, 128 bytes, 10968107 byte/sec, 83.7 Mb/sec
0.128 sec, 10000 md5 crypts, 256 bytes, 20050753 byte/sec, 153.0 Mb/sec
0.155 sec, 10000 md5 crypts, 512 bytes, 33073226 byte/sec, 252.3 Mb/sec
0.209 sec, 10000 md5 crypts, 1024 bytes, 49065644 byte/sec, 374.3 Mb/sec
0.318 sec, 10000 md5 crypts, 2048 bytes, 64374782 byte/sec, 491.1 Mb/sec
0.961 sec, 10000 md5 crypts, 4096 bytes, 42634158 byte/sec, 325.3 Mb/sec
1.505 sec, 10000 md5 crypts, 8192 bytes, 54440322 byte/sec, 415.3 Mb/sec
0.103 sec, 10000 sha1 crypts, 8 bytes, 774646 byte/sec, 5.9 Mb/sec
0.098 sec, 10000 sha1 crypts, 16 bytes, 1630590 byte/sec, 12.4 Mb/sec
0.098 sec, 10000 sha1 crypts, 32 bytes, 3280167 byte/sec, 25.0 Mb/sec
0.109 sec, 10000 sha1 crypts, 64 bytes, 5893132 byte/sec, 45.0 Mb/sec
0.116 sec, 10000 sha1 crypts, 128 bytes, 11046386 byte/sec, 84.3 Mb/sec
0.126 sec, 10000 sha1 crypts, 256 bytes, 20372920 byte/sec, 155.4 Mb/sec
0.152 sec, 10000 sha1 crypts, 512 bytes, 33646801 byte/sec, 256.7 Mb/sec
0.201 sec, 10000 sha1 crypts, 1024 bytes, 50823651 byte/sec, 387.8 Mb/sec
0.300 sec, 10000 sha1 crypts, 2048 bytes, 68263254 byte/sec, 520.8 Mb/sec
0.921 sec, 10000 sha1 crypts, 4096 bytes, 44478373 byte/sec, 339.3 Mb/sec
1.421 sec, 10000 sha1 crypts, 8192 bytes, 57648975 byte/sec, 439.8 Mb/sec -
Very cool, thanks.
-
This post is deleted! -
Just saw this today: http://rtfm.net/FreeBSD/ERL/
-
I'd love to see a port for the edgerouter lite. This would be great!!
I have a couple of them running and once you get a handle on the CLI commands its not too difficult to setup. Though it is a bit of a learning curve and I would not recommend them to anyone that doesn't feel comfortable learning a new CLI setup system.
When they first came out and I first got one I was overly optimistic about the performance numbers and their marketing might be somewhat deceptive in this regard. There are a lot of features in EdgeOS that will disable the offload engine when they are enabled. Some of those things that I have discovered are: dual wan load balancing, bridging two interfaces, QoS traffic shaping, Flow accounting, all of which disable hardware offload.
Without the hardware offload it's still a nice little box but it's just not mind blowingly amazing anymore.While I really like the idea of an egderouter port (because I already have them) generally I would just like to see a port for some kind of small low power, fan-less router device in the $100 range that has reasonable performance for SOHO type small networks.
-
While I really like the idea of an egderouter port (because I already have them) generally I would just like to see a port for some kind of small low power, fan-less router device in the $100 range that has reasonable performance for SOHO type small networks.
While it doesn't exactly meet your requirements - has a small fan - this device from newegg is close http://www.newegg.com/Product/Product.aspx?Item=N82E16856205007. I've set one up and it has been running solid for a couple of weeks. Since I added a quieter 40mm fan, the total for the empty box ended up being about $140. With 2GB and a cheap 2.5" drive or SSD you can be out for around $200.
I also just ordered an aluminium celeron 1037u box from taobao (see https://forum.pfsense.org/index.php?topic=75262.msg411063#msg411063). I'm taking a little chance on that one… but it certainly looks like an nice little box - and it is fanless.
-
Like you said the devices you linked don't really meet my requirements.
Another requirement that I did not mention is a minimum of 3 network ports. Otherwise I need to add in an inexpensive VLAN switch such as the Mikrotik RB260 and this just adds to the overall cost and complexity of the setup.
I am also not fond of these direct from china boxes and would prefer something from a better known company.
I generally recommend buying two boxes so that a spare is on site and ready to go (cold standby) because it's almost impossible to buy stuff locally anymore. So your solution would be about $500 (with two of the boxes you linked and two managed switched) + $$ for labor at which point my cheap clients start complaining. $200 + labor for the edgerouter solution would be a much easier sell.Anyway I do NOT want to turn this thread into a discussion on alternatives to the edgerouter. That's what new threads are for.
-
@SunCatalyst:
Hope you can still work on this a bit at a time as 2.2 seems a ways off for sure….
2.2 gets closer every day.
-
It sounds interesting to try pfSense on an EdgeRouter.
-
Could you tell a little bit more what you know about the hardware crypto support? I installed FreeBSD on mine and /dev/crypto seems to speed up AES by 2x. Is there more hardware on there that needs support? Or only more proprietary/FPGA stuff or something?
If you (or somebody else) still got FReeBSD running on this device I would like to know some real life experience when using AES-256-CBC for OpenVPN tunnel. I'm stuck at about 7 Mbit/s with stock firmware. A UBNT staff makes the, in my opinion uneducated guess, OpenVPN itself is to blame for poor performance: http://community.ubnt.com/t5/EdgeMAX/OpenVPN-site-to-site-speed-limit-10-Mbit/m-p/925934#M36502
Crypto offloading seems on their ToDo list since the release of the product.
So I am curious what speed you get using the crypto h/w running FreeBSD.
Of course I would like to see pfSense as well for this router but I am waiting patiently. -
any news after the release of the 2.2 version of pfSense?
-
Knew this was coming, one work day after the release.
Not even mad. (But not answering.). :-X
-
I'm from the other side of the globe, but IIRC that's part of the "Miranda warning", no?
"everything you say can and will be used against you…"it's always positive there are certainties in life ;D
