Are These Specs Good Enough and Does CPU clock Speed Matter



  • Hello I am planning to build a pfsense router and I just wanted to ask wether it will be good enough to sustain my gigabit symetrical connection with a firewalll and VPN also I was wondering wether I could save some money going from the xeon X5687 3.6Ghz to the X5670 2.93Ghz so I was wondering wether the clock speed matters much these are the specs.

    Xeon X5687
    Ram 12 GB 10600E ECC
    120GB ssd OR 120GB M.2 ssd I havent chosen yet as I plan to use some web caching
    NICS HP Quad Port Gigabit and Chelsio N320E dual port SFP+


  • Netgate Administrator

    Either of those will easily pass Gigabit. Do you need/want that to be all VPN? That will require all the CPU cycles you can get. Especially if it's OpenVPN.

    Steve



  • @stephenw10 I plan to put around 250mbps through a vpn, so are you saying that more clockspeed is needed for a VPN I am also planning to have a 10gb link to my nas and my pc so I can cache on my pfsesne server so would you suggest having a normal ssd for cache or an M.2 ssd


  • Netgate Administrator

    Depends on the VPN type. OpenVPN is single threaded and generally slower than IPSec. Either CPU should be good for 250Mbps though, in ideal conditions at least. 😉
    Should be no problem if you can use IPSec.
    I'm not sure I've ever seen actual Gigabit OpenVPN on a single connection but to have any chance you would need the fastest single thread performance you can get your hands on.

    Steve



  • @stephenw10 Thanks



  • @MarkPla7z said in Are These Specs Good Enough and Does CPU clock Speed Matter:

    I am also planning to have a 10gb link to my nas and my pc so I can cache on my pfsesne server so would you suggest having a normal ssd for cache or an M.2 ssd

    You do understand that content caching has become pretty much pointless with dynamic sites and HTTPS? You're lucky if you can get 10% cache hits, but it's likely going to be around 2% to maybe 5%.



  • He may be better off just adding ram, and caching to a ramdisk for his pfsense install, not sure why the 10gbps would be needed. I use 10gbps for storage links, but I don't route any storage data through the router.

    Not sure what he's caching, but we don't know what his usage patterns are, or what sites he's visiting that aren't dynamic and use proper ETags. And we don't know if he's using his pfsense implementation as a proxy as well, which would pretty much allow caching of static https sites.


  • Netgate Administrator

    I agree. Unless you have a very slow connection or pay lot for bandwidth, or both, it's not really worth caching data for most use cases.

    Steve



  • @CuteBoi @stephenw10 Thanks for explaining the uselessness of the caching however I will be keeping the 10gb links for data transfer between my nas and pc and Ill just use some small cheap ssd for the pfsense install



  • Just an FYI.

    IF the NAS and your PC are on the same network segment, they will never touch the pfSense interfaces. Only if the NAS and PC are using the Router as a gateway will you need that interface speed.

    It's nice to have a 10gbps in case you have different networks needing it. But typically folks keep their storage on a dedicated network not crossing their gateways.


Log in to reply