Pfsense budget competitor for RB750Gr3 and a Edgerouter-X for under 100$?
-
Hi everyone this is my first post here.
I have a WF2780 router which im really happy with but it lacks some features (SSH, cron, more DDNS choices etc.). I wanted to add some more serious (but affordable) device to my network. I had OpenWRT on 1043nd and WR3600 but i wanted something even more serious to learn networking stuff. RB750Gr3 and Edgerouter-X are very similar routers (if you look at their hardware). Both can do almost 1Gbit trough NAT and 200Mbps with IPsec. And both cost about 50-60$. However AFAIK they do poorly with OpenVPN which i would prefer over IPsec.
So the question is: is it possible to have similar performance (almost 1Gbit NATing and arround 200Mbps with some VPN) with pfsense for similar price and power efficiency?
Ive seen you often reccomend PC Engines solutions but their cost start from 106$. Ive seen some barebones on Alliexpress with J1700/1800 CPUs but they need RAM and storage and doesnt have AES support. I was searching some refubrished computers (USFF) or terminals but most of them either are not very powerefficient or dont have AES-NI (plenty of C2D,C2Q, Atom devices) or dont have PCI-E/USB3.0 for additional ethernet card. Or are way above 100$ (HP 8300 USFF). Building an ITX PC also costs over 100$ (i have OpenMediaVault NAS build)
Ive even considered cheap laptop builds like this guy …
https://www.youtube.com/watch?v=5q_dWCzKhKk... but i found that PCMCIA and ExpressCard 1Gbit NICs are suprisingly expensive in my country - Poland (~30-40$)
So are there any other options to have power efficient hardware with CPU with decent performance that could handle requirements and/or with AES? Or just stop thinking and buy Mikrotik/Ubiquiti?
-
Nope, can't have it. You need AES-NI to do anything beyond ±35Mbit OpenVPN. An APU2 might be close to what you can do. Otherwise a used office PC might be possible. Check with local 2nd hand shops to find one cheap.
-
Sorry, no way can either of those two low-end routers do anything close to routing at near wire speed with firewalling enabled. Based on published specs they can’t do it even with full cut-through as far as I can tell.
-
Sorry, no way can either of those two low-end routers do anything close to routing at near wire speed with firewalling enabled. Based on published specs they can’t do it even with full cut-through as far as I can tell.
I just did ~910Mbit/s TCP-Iperf on an EdgerouterX w. NAT hw acceleration enabled.
It had a "default" setup - iptables firewall enabled , meaning just deny anything "non related" from the outside.It would do around 210Mb/s wo. hw acceleration.
/Bingo
