Can SG-3100 handle 800MB down / 20 up with CodelQ active to remove buffer bloat?
TadN
Apologies in advance for the long rambling question.
I'm looking for a lower power consumption firewall that can handle 800/20 WAN speeds while traffic shaping QoS - in pfSense I have Codel Queues configured. Bonus if it's silent, as the best place for my cable modem is an OnQ panel in the master closet.
So with the whole family at home due to the pandemic, I've upgraded our network speed from Spectrum. Doing so, I've found we encounter huge buffer bloat when I have kids playing Fortnite, my wife watching Netflix or Amazon Prime, and other kids zwifting all while on their phones for Discord, YouTube videos, or Google Hangouts while I try to use my corporate VPN and Zoom or Skype for video calls... As is classic with cable internet, our given WAN speed varies with what my neighbors are doing too.
Being the resident IT guy in the house, I'm in the doghouse when somebody loses a game due to "high ping", gets dropped from their virtual bike race when almost at the top of a virtual mountain, or (worst for me) when my audio/video cuts out for business calls.
Solved the buffer bloat problem immediately by unplugging the Spectrum-provided router and using a Dell Precision T5500 with a dual port Intel Pro 1000 NIC running pfSense. By turning on traffic shaping, DSLReports speed test gives me an A+ across all the tests. Not surprising, this machine is a dual proc, 12 core monster with 48GB of RAM and Samsung SSDs.
Now I can do traffic shaping so everybody is happy, sounds like a human on VoIP, and gets all their internet related stuff done in parallel.
That said, I'd like my ESXi lab server back, and not sounding like a WWI aircraft taking off in my closet :)
So here I am reading boards, watching youtube reviews and trying to find:
- A fanless appliance
- That doesn't need a 750W power supply
- That can handle 800/20 speeds while performing QoS traffic shaping using CodelQ
Things I've considered:
- smaller Dell OptiPlex running pfSense (loud, hot, power hungry)
- SG-3100 - hard to tell what max bandwidth I can get with traffic shaping - hence this post
- HP t620+ - hard to tell what I'll get with this quad core AMD SOC
- Unifi UDM Pro - loud rack mount and forum posts indicate it can route 3.5gb speeds, but then turn on SPM for traffic shaping and it drops waaay down.
- Qotom or Yanling fanless appliance - sounds ideal on paper with an I5 or I7 proc with up to 8gb ram; but I'm not confident on quality control or even lead-free paint being used on these...
At $400 the SG-3100 is in the range of the UDM Pro with the added bonus of being silent.
Any thoughts folks on SG-3100 performance while traffic shaping? Anyone using a QOTOM or YANLING appliance where you like it, or better yet had issues and had a positive support experience from China?
Any other products I should consider? I've heard Unifi has a Latvian competitor in merkai but I know very little about that product line...
chpalmer
Look at this site and verify you are not having issues caused by your modem.. badmodems.com
UDP traffic on a Puma6 modem can destroy traffic flow if the modem is running older firmware. I've got two customers on Spectrum who we fixed by simply changing out the modem. One quite recently.
I have another customer with a QOTOM device and they have to reboot almost weekly. But they are pushing out multiple audio and video streams over OpenVPN 24/7. I believe it is just a buggy device. YMMV.
TadN
@chpalmer, Thanks! I'll run that site test once I have an Ubuntu image spun up on a PC since it requires a direct connection to the modem and hence internet exposure...
Are you saying I should not be seeing any buffer bloat even without pfsense? Problem is all gone now that I'm running pf but I do have to run traffic shaping...
You're right, my fear around Qotom is quality of construction. Having a firewall that is silent but requires reboots is not going to get me out of the doghouse :P Thanks for your comment on those.
chpalmer
I should not be seeing any buffer bloat even without pfsense?
Bufferbloat happens at the funnel. You plan on testing direct with the modem so test that also. Bufferbloat happens. DSLR seems to have started this knowledge of the subject without really explaining it.
It's actually logical that some bufferbloat will happen. If you dump 20 gallons of water into a five-gallon funnel, it's going to take some time to get through. Fixing all the upstream issues will help but sooner or later you will see latency increase as your network tries to push and pull more data to the head end than your plan includes.
But devices in your path can create more than should occur. Modem first. Why? It's the first line between you and them. Modems should be (IMHO) just a bridge between you and them. (I hate all-in-ones) and that bridge should work full speed doing what you pay them for. Problem then becomes whether or not your node is oversold or not. But I do believe in most areas that is becoming less of a problem these days.
If your modem is driven by a Puma6 chipset though.. I would not trust it. Neither does Intel at this point.