Performance numbers for the SG-8860
-
I am trying to determine if this model will meet our needs. We are looking at the HA Pair.
Public facing website, with 2 providers each with 1G link. Normal traffic is around 100mbit/sec. When we remove Cloudflare from the mix we push upwards of 600mbit/sec. We average around 150k states on the firewall. Also have a site to site VPN that consumes about 25mbit/sec on average with peaks to 100mbit.
We are looking at moving to BGP for our two links.
Currently running a single VM. Sitting at 30mbit right now and here is the performance of the CPU:
Intel(R) Xeon(R) CPU E5-2670 0 @ 2.60GHz
Current: 324 MHz, Max: 2593 MHz
4 CPUs: 2 package(s) x 2 core(s)
Load average
0.30, 0.27, 0.21
CPU 5%I haven't been able to find much in regards to real performance on this hardware, any help would be appreciated.
Thanks,
Matthew -
I am trying to determine if this model will meet our needs. We are looking at the HA Pair.
Would be really powerfull as I see it right, the only thing is that actual at the moment the PPPoE Internet
connection is only running on one CPU core and so far I don´t think that 1 GBit/s at the WAN port will be
able to reach. But if you are connecting over a static public IP address all CPU core will be in usage and the
1 GBit/s is able to reach easy.Public facing website, with 2 providers each with 1G link. Normal traffic is around 100mbit/sec.
100 MBit/s would be not the problem!!!
When we remove Cloudflare from the mix we push upwards of 600mbit/sec. We average around
150k states on the firewall.The 600 MBit/s would be also not the real problem as I see it right. The 150k states will be also reachable
but this is more or less also pointed or related to the circumstance what on top is installed and activated
on this units! Likes Squid & SquidGuard, Snort, pfBlocker-NG, HAVP & ClamAV or massively DPI tasks.Also have a site to site VPN that consumes about 25mbit/sec on average with peaks to 100mbit.
If you use IPSec together with AES-GCM it will be using and benefiting from the AES-NI instruction set of the
CPU SoC and later if Intel QuickAssist is also running or activated in pfSense the OpenVPN will be also profiting
from this SoC.We are looking at moving to BGP for our two links.
No problems here. OpenBGPD or Quagga will do the job likes you want.
Currently running a single VM. Sitting at 30mbit right now and here is the performance of the CPU:
Intel(R) Xeon(R) CPU E5-2670 0 @ 2.60GHz
Current: 324 MHz, Max: 2593 MHz
4 CPUs: 2 package(s) x 2 core(s)
Load average
0.30, 0.27, 0.21
CPU 5%For sure a CPU core is not like the other and a high end Intel E5 Xeon CPU is not comparable to the
Intel Atom C2x58 series. But for the named above things powerful enough as I see it right.I haven't been able to find much in regards to real performance on this hardware, any help would be appreciated.
pfSense store SG-8860 1U HA system
You can also easily call them directly or mail them a pre-sales question if you like it.
US Phone: 1.512.900.2546
Email: sales@pfsense.org