Choosing hardware based on throughput performance
-
I know Pfsense uses only 1 core for PPPoE…. For now I hope.
Waiting for a testfix in the near future. -
I'm in the same boat.
I need a rig that can run 1gigabit fiber without choking. I currently have an AMD G-T40E and it tops out at about 350mbps.
Pricing out the Supermicro with memory and a case and an SSD comes to something like $500 US. Am I the only one who thinks that's a lot of money for a router?
Is there no cheaper way to do it and still take advantage of 1gigabit WAN?
I also run 3 IPSEC VPN tunnels…
-
I'm in the same boat.
Likes many peoples
I need a rig that can run 1gigabit fiber without choking.
There are so many out of them that we can´t really count and name them here all, but for sure a
bunch of should be placed for you here.I currently have an AMD G-T40E and it tops out at about 350mbps.
Hmm, just curious we got something around till ~550 MBit/s and ~650 MBit/s - ~750 MBit/s
with enabled PowerD (Hi adaptive. Sometimes and surely pending on the configuration it might
be good to set up a higher mbuf size. (measured with iPerf from PC (on the WAN Port) to PC (on the LAN Port)Pricing out the Supermicro with memory and a case and an SSD comes to something
like $500 US. Am I the only one who thinks that's a lot of money for a router?Not really alone, but if you need only a capable routing device you might be better going
with a dedicated router software likes OpenWRT or DD-WRT, pfSense is a fully featured
software firewall that can be turned with ease to a full UTM device!!! It depends on what
services you might be offering to your network and how many packets you will be installing
and on top how many functions and options given by pfSense will be turned on.I also run 3 IPSEC VPN tunnels…
This is to less input I think.
Offered services, activated functions, turned on options, used features, installed packets, number of
rules, DMZ & LAN devices and switches, users, CP, Proxy, DPI, IDS/IPS and other things on top likes
needed throughput on WAN, VPN and LAN or DMZ would be fine to know.Is there no cheaper way to do it and still take advantage of 1gigabit WAN?
For sure it is and there is a really great amount of devices that could match your wish for sure!
At first I want to tell you that the pfSense store is combining the best out of from both "worlds"
the PC Engines APU boards 3 miniPCIe slots + 1 SIM slot and the Intel Atom C2x58 SoC mostly
to find on the well known Supermicro boards. So the SG-2220 for $299 would be matching also
fine to the small told case of usage.Budget suggestion 1:
pfSense SG-2220 & miniPCIe WIFi card & M.2 mSATA drive
pfSense shop ready to go and with pre-installed pfSense
~$299 + add on cards if neededBudget suggestion 2:
Intel Celeron G3260 @3,2GHz Mini-ITX Board
Is capable to route 1 GBit/s at the WAN port and running snort for sure.- self made box ~$200 - $300
Most common suggestion:
Intel Celeron J1900 Quad Core CPU based boards often are able to turn the pfSense
both into a real UTM with ease for ~$299 to ~$320 fully assembled and ready to go.- Jetway board based
- Axiomtek
$299 - $599
alternatively
Intel Bay Trail Dual Core CPU @2,16 GHz with AES-NI
Will be right sorted for a home appliance but very powerful- Axiomtek
- Jetway boards based
$299 - $599
alternatively
Intel Atom C2358, C2558 or C2758 from Dual Core @1,7GHz to Octa Core @2,4GHz
with AES-NI and Intel QuickAssist
pfSense shop as SG units ~$300 - $600
Supermicro Boards from resellers or amazon ~$500
Axiomtek appliances from resellers or directly from Axiomtek ~$600Really powerful appliances:
Intel Atom C2758, Intel Xeon D-1540, Intel Xeon E3 or E5 based with AES-NI
partial with Intel QuickAssist support.- Lanner appliances ~$400 - open end
- Lannic appliances ~$400 - open end
- Axiomtek appliances ~$800 open end
Axiomtek NA342 (J1900)
Axiomtek NA342R (J1900)
Axiomtek NA361 (C2558 or C2758)
Axiomtek NA361R (C2558 or C2758) -
I have great expectations from the version 2.2.5 in terms of performance improvement and bigger from 3.x :)
C2758 + 8Gb RAM + SSD + PCI-X 4x intel Gigabit for WAN must be capable to route 1 GBit/s . -
Wow, that was an EXTREMELY comprehensive reply.
Thank you!
I do make use of a lot of pfSense's features, so I don't want to lose pfSense. I do IGMP proxy, VPN, lots of port mapping, I like debugging tools, etc…
From your list of suggestions, it looks like $500 is the sweet spot for a decent pfSense machine, so I guess I have to go with that.
Which SG unit from pfSense shop would be equivalent to the C2758 SuperMicro board which I will likely go with at the end of all this. :)
Thanks so much for the reply!
Rob
-
@BlueKobold:
I currently have an AMD G-T40E and it tops out at about 350mbps.
Hmm, just curious we got something around till ~550 MBit/s and ~650 MBit/s - ~750 MBit/s
with enabled PowerD (Hi adaptive. Sometimes and surely pending on the configuration it might
be good to set up a higher mbuf size. (measured with iPerf from PC (on the WAN Port) to PC (on the LAN Port)Out of curiosity, how does one enable PowerD/Hi Adaptive in pfSense?
Thanks!
-
Unless you are infatuated with having a tiny router, if you really want to leverage the most out of a lucky home with gigabit internet, grab one of the SMB "starter server" deals.
You can often find a couple models with cheap E3 xeons, I often see Lenovo TS140 and Dell T220 in the low $300s or less. Last week there was a killer one day deal for $280: 1225v3 @3.2ghz, 4GB ECC, 1TB HDD, free shipping.
Add a dual port intel 82571 nic for $20 off fleabay, quads not much more. (1000 pro pt, expi9402pt, x3939, nc360t are common variants of the duals)Those two models for sure are actually quiet (seen a few in person) and relatively efficient for the performance they provide (can't cheat physics) there may be others models and vendor types that are similar.
-
Unless you are infatuated with having a tiny router, if you really want to leverage the most out of a lucky home with gigabit internet, grab one of the SMB "starter server" deals.
You can often find a couple models with cheap E3 xeons, I often see Lenovo TS140 and Dell T220 in the low $300s or less. Last week there was a killer one day deal for $280: 1225v3 @3.2ghz, 4GB ECC, 1TB HDD, free shipping.
Add a dual port intel 82571 nic for $20 off fleabay, quads not much more. (1000 pro pt, expi9402pt, x3939, nc360t are common variants of the duals)Those two models for sure are actually quiet (seen a few in person) and relatively efficient for the performance they provide (can't cheat physics) there may be others models and vendor types that are similar.
Thank you for this.
I think this is the way I'm going to go. I have a room with "servers" in it and one more won't hurt much.
I checked out the Dell website and doesn't look like the T220 exists anymore. The lowest price T320 was $1200+, so I'm not sure how they get to $280. Was that the Dell or the Lenovo? Was it a used machine?
Thanks again for the suggestion!
Rob
-
Sorry it was T20, this was the deal last week, expired:
http://slickdeals.net/f/8192191-dell-poweredge-t20-tower-server-xeon-e3-1225-v3-quad-4gb-ddr3-1tb-hdd-dvdrw-279-w-free-s-h-dell-back
Best deal I've seen so far, but with cyber week coming up I think there will be plenty of good buys soon.
Often much better than the consumer bloatware crap because no windows tax and nicer components: with the E3 12_5 models you get a C2_6 chipset motherboard with intel NIC and usually a full x16 from cpu along with x4 and/or x1 off the PCH for expansion. PSU might be slightly custom (lenovo uses different harness you can adapt) but tends to be a more efficient one too.
I believe HP has a similar model in this price class as well, makes sense as the big vendors all try to cover the SMB server niche.
-
That's awesome! Now I know what to look for, thank you so much.
I'll wait till Black Friday and grab the best deal possible on a similar config. I'd even be fine if there were no hard drive, I'm much rather an SSD anyway. Hopefully those servers use SATA.
-
Out of curiosity, how does one enable PowerD/Hi Adaptive in pfSense?
System > Advanced > System Tunables > and then start/activate PowerD & reboot the pfSense box.
After doing this have a look in the Dashboard for the correct MHz/GHz entry will be there.
Do a iPerf test with one PC on the WAN interface and one on the LAN interface, thats it.If you are using a mSATA drive that is capable of the TRIM support, I would also suggest to activate
TRIM support on your pfSense box.- Do a full install on the SSD or mSATA
- reboot to the single user mode
- at the prompt type in| cd /sbin/ and then ./tunefs -t enable /
- ./reboot
- to verify that it is activated open a shell and type in| tunefs -p / and tunefs -p / var
-
Just to pipe in, I am quite happy with my A1SRi-2758F.
With a few packages running, routing performance is still more than capable of hitting gigabit throughput.
The biggest problem is the PPPoE issue. For me, this is a residential connection - but I work from home and use alot of bandwidth, 700-750mbit/s is plenty. So I'm pretty happy with it.
But if you absolutely need the gig throughput and use PPPoE there are other choices that wlil probably work better, and even crazier, use less power. Some of the low power i3/i5 CPUs are pretty capable, and may use more power at peak, but for the load that routing presents to them, they end up actually coming in at or lower than the rangeley.
-
Mobo is on the way…will be here in 2 weeks.
In the mean time i found a gbit ethernet adaptor:
DELL 0X3959 2 x 10/100/1000 Mbps PCI-E 4X REF
Or
Intel D33745-B PRO-1000 Single Port Gigabit Ethernet PCI-E U3867
What do you think ? Will handle gigabit pppoe? -
Thanks for chiming in @dopey,
I'm pretty convinced that I'll go with a Dell T20 or a Lenovo TS140 E3 server. I have lots of room in my "server room" and I really don't want to worry about getting something with not enough power. And I find the Supermicro to just be too expensive.
I'm hoping I'll get a T20 or TS140 with no HDD and I'll put a small (64gig or so) SSD on it. I'm trying to never buy an HDD again. :)
Thanks all!
-
@zax123
Beware the Lenovo TS140…its a great box, but you'll be pretty unhappy if you try to put an aftermarket SSD in it.
It uses custom brackets and power cables, which you only get in the box if you buy a Lenovo branded drive. -
@zax123
Beware the Lenovo TS140…its a great box, but you'll be pretty unhappy if you try to put an aftermarket SSD in it.
It uses custom brackets and power cables, which you only get in the box if you buy a Lenovo branded drive.Oh wow, thanks for letting me know.
That means I'm back to looking only for a good deal on the T20.
Much appreciated!
-
@zax123
Beware the Lenovo TS140…its a great box, but you'll be pretty unhappy if you try to put an aftermarket SSD in it.
It uses custom brackets and power cables, which you only get in the box if you buy a Lenovo branded drive.I have a ts140 and i had no problems installing a regular sata ssd and hdd in it.
the power connectors were not custom. yes, the brackets were weird, but i didn't have any problems gettng things to fit.for SSDs, keep in mind, yo're not dealing with moving parts. Zip ties are your friend.
-
I stand corrected, the server in question is the RS140 which has strange power connectors & brackets.
-
need advice:
Intel
Ethernet Server Adapter I210-T1or
Intel
Gigabit CT 82574Lwhich one is more reliable and fast
-
The i210-T1 is a Server grade NIC and could be a really cool LAN Port to speed up things there. ~45 € here
And the Intel Gigabit CT adapter will be a really cool WAN port as I see it right. ~25 € here
