Netgate MBT-4220 (aka SG-2340) MinnowBoard Turbot Dual Ethernet Quad Core System

  • Actually i considered to post this in "Official Hardware" Board, but because Netgate decided to withdraw SG-2340 due to FreeBSD bug related to autodetect monitor connected to hdmi if device was booted without display… I decided to post here.
    Full Device specs:
    Actually there is no way to run pfSense 2.3 on this device as 2.3 does not support UEFI Boot.
    Without any trouble i was able to boot pfSense 2.4 beta.

    Netgate SG-4860 - VPN Entpoint
    SMB source: iXsystems FreeNAS Mini - 32GiB ram , 512GiB ZIL , 512GiB L2ARC , 4x WD-RED in RAID Z1
    Benchmark PC: i7 3770k 32GiB ram, Intel 82579V Gigabit Ethernet
    Network: cat6

    Synthetic tests Out of the box configuration default firewall rules:
    980Mbit/s peak 950Mbit/s baseline for single stream SMB transfer mtu/1500 , average cpu utilisation 30%
    950Mbit/s peak 940Mbit/s baseline for 256 threads torrent one side transfer*, random packet size (128 threads udp/128 threads tcp) average cpu utilisation 38%

    IPSec AES-256-GCM 326 Mbps (however this can be inaccurate as my SG-4860 can be bottleneck as it's cpu is quite busy)
    OpenVPN AES128-GCM - 110Mbps (with Cryptographic Hardware set to None) / 85Mbps  (AES-NI)
    Acording to devs AES-NI should be used only with IPsec right now.

    *) one side transfer mean benchmark client only downloading data from source, no upload at all.

    This article will evolve in future.
    Suggestions, questions welcome.

  • Galactic Empire

    Excellent, thank you for sharing your experience with it!

  • Excellent! I didn't know they finally started shipping them, I've been looking for that board for a while.

  • Jus got new record

    IPSec AES-256-CGM - 326 Mbit/s

    ![IPSEC aes256.PNG](/public/imported_attachments/1/IPSEC aes256.PNG)
    ![IPSEC aes256.PNG_thumb](/public/imported_attachments/1/IPSEC aes256.PNG_thumb)

Log in to reply