J1900 performance
-
@andyrh said in J1900 performance:
@azcoyote B) Agreed, if I could, I would ditch the ATT HW. A) I turn off the ATT WiFi, from time to time ATT turns it back on.
I hope you find what you are looking for.
Thank you! A) what jerks!
B) does PfSense have a way/plan to address this in the future?
-
@stephenw10 said in J1900 performance:
pfSense will work fine there, you just need something with better single core performance that a J1900.
To be honest I'm not sure why anyone would buy a J1900 new at this point unless it was very cheap. That discussion has already happened in this thread though.
Steve
Lol. For sure. My little J1900 was purchased 5 years ago so it’s gotta be time for a move to new hardware. It’s viable as just a simple FW with some basic rules. Buts that is definitely all.
-
There is:
https://github.com/MonkWho/pfattAnd there are ways to extract the cert from the router so you don't need it at all. I've never seen that on pfSense though. And both are completely unsupported.
Steve
-
@azcoyote said in J1900 performance:
@stephenw10 said in J1900 performance:
pfSense will work fine there, you just need something with better single core performance that a J1900.
To be honest I'm not sure why anyone would buy a J1900 new at this point unless it was very cheap. That discussion has already happened in this thread though.Steve
Lol. For sure. My little J1900 was purchased 5 years ago so it’s gotta be time for a move to new hardware. It’s viable as just a simple FW with some basic rules. Buts that is definitely all.
it would be fine without pppoe or on linux, but for pfsense you need to throw hardware at it. (or not--the ifr stuff might even work.) since you were planning to buy a unifi, you could spend the same money on beefier hardware. you really just need to decide what you want to use for software.
-
@stephenw10 said in J1900 performance:
There is:
https://github.com/MonkWho/pfattAnd there are ways to extract the cert from the router so you don't need it at all. I've never seen that on pfSense though. And both are completely unsupported.
Steve
Oofda. And I thought the VLAN magic I had to find to connect to my CL ONT was a trick. That is quite the process!
-
@vamike said in J1900 performance:
@azcoyote said in J1900 performance:
@stephenw10 said in J1900 performance:
pfSense will work fine there, you just need something with better single core performance that a J1900.
To be honest I'm not sure why anyone would buy a J1900 new at this point unless it was very cheap. That discussion has already happened in this thread though.Steve
Lol. For sure. My little J1900 was purchased 5 years ago so it’s gotta be time for a move to new hardware. It’s viable as just a simple FW with some basic rules. Buts that is definitely all.
it would be fine without pppoe or on linux, but for pfsense you need to throw hardware at it. since you were planning to buy a unifi, you could spend the same money on beefier hardware. you really just need to decide what you want to use for software.
It’s the usual chicken and egg problem. In this case with a side of PPPoE green ham. If I want to go straight from the NIU/ONT to my FW I have to PPPoE so I guess it means I’m borked for going to PfSense for now. But I will either pick great hardware and move over later or just get the UniFi device. Then when the PPPoE issue is resolved I can circle back.
-
@azcoyote said in J1900 performance:
Oofda. And I thought the VLAN magic I had to find to connect to my CL ONT was a trick. That is quite the process!
With verizon internet-only service you plug the ethernet into the cable and run a dhcp client. It's nuts that ISPs are making this so complicated.
-
@vamike said in J1900 performance:
It's nuts that ISPs are making this so complicated.
Yup. Just crazy that something like pfatt needs to exist in any way.
I guess there are enough people out there who's alternative to AT&T is limited or non-existent.Steve
-
@azcoyote said in J1900 performance:
It’s the usual chicken and egg problem.
what problem is that....if you have a chicken, you have eggs. no chicken....no eggs
-
Hi. I can confirm the J1900 can perform ok. Mine is a Eglobal Fanless Pfsense Mini PC J1900 had it for 3 years. I'm currently on 1000/50mbps FTTP, PPPOE and speedtest.net gives me around 830/41mbps, however I had to apply some tweeks mentioned in this thread:
https://forum.netgate.com/topic/133704/poor-performance-on-igb-driver/40
However, as some people have said, it is pretty old so I probably would buy something slightly better in 2021.
-
@craig5 I have J1900 based super micro board now that will route my fiber 1000/1000 at almost line speed. So they are decent little boxes 5 years ago. Just cannot do real IPS/IDS at that speed. I am looking into a I5 solution next outing.
-
@azcoyote Yep can't complain. It probably doesn't need it but I recently whacked a fan on it (plugged into the usb), dropped the temp 20 degrees, it was running pretty warm in my garage:
-
@jknott
I can confirm, although a little late that it can take a 500meg fibre line with PPPoE. You need to setup dedicated DMZhttps://www.reddit.com/r/bell/comments/xyh46q/bell_3gbps_pfsense_and_pppoe/
-
Doing that removes the PPPoE though and also adds double NAT. Which isn't a problem for most things but will break, for example, UPnP.
Steve
-
@stephenw10
really? I though DMZ is just a passthrough to that port or resource without having to compute translation. Either way, with this Bell Fibe modem HH4000 I think it is, there are no other ways that I have found.At least my speeds do not seem to be that affected. I sure hope someone out there finds a way to bridge this modem instead...
I do the Wizard setup with sense to connect pppoe
-
Hmm, well you could be right in this instance. 'DMZ' mode on most routers is usually just a 1:1 NAT setup to a nominated internal IP. However here the OP in the Reddit thread talks about the upstream router 'cloning' the client MAC address to use for PPPoE and passing the IP address back via DHCP. If that's the case then you will still have a public IP on the pfSense WAN address and it's not double NAT'd. Which would be the ideal scenario!
Either way you are removing the PPPoE connection from pfSense and hence the throughput restriction.
So, to be clear, that doesn't imply the J1900 can pass >500Mbps over PPPoE. Just in case anyone reads this and interpreted it that way.Steve
-
@stephenw10
cool. Yes, this is my results, which is pretty aligned with doing the same test on google directly into one of the ports.Hosted by Bell Canada (Kanata, ON) [121.27 km]: 5.812 ms
Testing download speed................................................................................
Download: 519.48 Mbit/s
Testing upload speed......................................................................................................
Upload: 156.92 Mbit/sThe only comment that scared me from the OP on reddit was
"The only potential issue with the Advanced DMZ configuration is if PPPoE on the XGS-PON side changes IP, does it stop working until the DHCP lease gets renewed on the router side?"Cause this would cause a break and DDNS would get messed up. To date, everything has been good, cross fingers. maybe I would try a modem reboot and see...
-
@stephenw10 with IPS/IDS turned off, my J1900 handled PPPOE at gig speed just fine. It can do 500 with zero question.
-
The more I read about the "fun" Bell customers have, the happier I am that I'm on Rogers. Here's what's involved in putting a Rogers modem into bridge mode:
That's it. All that's necessary is to click on that button. On top of that, my IPv4 address is virtually static, the host name is based on MAC addresses and so doesn't change unless I change hardware and, unlike Bell, Rogers provides IPv6.
-
Bridge mode here would likely pass the PPPoE session to pfSense which isn't really what you'd want. The fact it can offload the PPPoE while still passing the public IP to pfSense is ideal really. But only if the router doesn't have other restrictions like a limited state table etc.
Offloading PPPoE that way requires shenanigans! I have tried, and failed, to do it with OpenWRT before.
