APU2C4 throughput with Suricata?
-
Short version: Does an APU2C4 have enough power to be able to handle SOHO use, with a moderate (read not-excessively paranoid) Suricata ruleset and maintain ~250Mbps downstream?
Long version: After wiring half the house last year while redoing the WiFi and switching side of things it's time to finish the project. That means out with the 8 year old router and in with something new. Since this is California with our astronomical electrical rates power consumption is a major factor. Gigabit is rolling out in the area, albeit quite slowly, and honestly we don't really have the need for it. Besides, the ISP choices are Comcast and AT&T, so each comes with their own baggage. Current rates are 100/6Mbps, with a possible future upgrade to ~250/15Mbps. Most of the consumption is streaming video, FaceTime, and light VPN usage. Package usage will not be extensive, my interests are with IPSec VPNs, Suricata, and SQM tuning to combat some particularly bad buffer bloat with the current ISP. All of that suggests a much lighter requirement than the usual "Will it do 1GBit" threads around here. From some reading on old threads here, on reddit, etc., it seems like an APU2C4 can handle ~650Mbps without Suricata, and perhaps 300-350Mbps with it enabled, so I'm trying to confirm this.
Other solutions I've looked at don't quite seem to fit the bill for one reason or another. The MinnowBoard boxes are nice, but don't have enough memory and don't have rack mount adapters, either. The Denverton/C3xxx machines are still in the works and seem like complete overkill. If I was going to go full gigabit and wanted to setup PFSense as a VM alongside security onion that would be my choice, but work and family eat up the time I'd spend on SO. ARM options are nice but my gut feeling is to stick with x86 for now. Qotoms don't look bad, but we go back to lack of rack mounting and some of their behavior irks me.
Does this all sound about right?
-
No, it does not.
-
So what's a realistic value? I've found threads like this that seem to indicate it can scale quite high. Yes, that may have a flawed test methodology, but elsewhere are mentions of 150-200Mbps without much issue. I know from reading here there are more than a few APU2C4 users around, some who must have tried this at some point.