J1900 performance
-
@kiokoman did you buy a Qotom? or one of the many variants?
I have a small HO with 7 PCs, 2 MediaBoxes, 1 BluRay, 1 Dreambox, 1 NAS, 1 Printer, 4 cameras, VOIP phones connected to 120Mg cable.
Runs like a charm and has done so for 3yrs.I use 2 x VPN connections for all traffic by default, with only exceptions over WAN.
Snort, pfblocker, nut and ntopng (temporary disabled due to fill /var directory )my Quotom has 8Gb ram and 32Gb drive. 3% disk usage, 40deg, CPU 8% - typical. it is formatted as EFI boot and ZFS.
- note my qotom is v2 h/w and i previously had a YanLing with v1 h/w that ran at 52deg and was unstable. I don't recommend YanLing as the service was non-existent. But Qotom have been great in my experience.
In summary, i think you had a case of bad luck.
-
I think you mean J1900?
The Celeron J1900 performance is surprisingly bad given it's age and clock speed.
Single thread performance seems particularly so, there have been a number of threads here where PPPoE users struggled to get the throughput they needed.
Probably fine if you don't have a PPPoE WAN.I would still look for something newer though, that's a 7 year old CPU at this point. There are many newer, better options.
Steve
-
@stephenw10 yes YanLing have a 3160 which supports AES, but i wouldn't touch them. JKnott says he is the only user, so i would argue the J1900 is more than enough. I have no probs with my performance. my clients show 100Mg over the VPN or 120Mg over WAN. there is more often than not at least 3 people streaming from youtube at any one time in my household.
-
@gwaitsi
no, i don't give money to thieves -
@kiokoman different horses, different courses. i've had no problems
-
So, it wouldn't be suitable for 500 Mb? As I mentioned, encryption performance is not an issue for me, as I only use my VPN occasionally.
I'll have to see how my current firewall holds up. It an old HP dx5150, which dates back 15 years or so.
-
@JKnott i think it would be fine
-
@JKnott Depending on the specific CPU in the dx5150 it'll range from about the same performance as the J1900 to slightly faster for single-threaded work (J1900 wins 4x on stuff that parallelizes). So I'd suggest trying it on the dx5150. If the performance is fine, the J1900 will do the same thing but smaller and with less power consumption. If the dx5150 can't keep up, the J1900 won't be a huge upgrade and you'll need something newer than silvermont architecture.
-
Yup that.
Everything else aside if you are buying something new buy something actually current. The only reason to get a J1900 would be if it was very cheap.
Steve
-
@stephenw10 said in J1900 performance:
Yup that.
Everything else aside if you are buying something new buy something actually current. The only reason to get a J1900 would be if it was very cheap.
Unfortunately, the J1900 solutions still tend to be compellingly cheaper than alternatives, presumably because the CPU supply is apparently bottomless. Goldmont solutions run rings around them, but 3 years after release the availability is still low and the pricing consequently high. The lack of availability also impacts the available configurations (e.g., finding solutions with multiple NICs instead of multiple HDMI ports & wifi can be challenging, especially at a given price).
-
@JKnott
The Qotom is also availabel with a more powerful i5 mobile CPU at aprox the same price. The mobile CPUs have an effective power management, so that it will take rarely more power than the J1900 if it isn't really needed.
So why want you buy such an old CPU today.I purchased a Qotom with an i5-4200U about three years ago and it does its job as my home router since that time well. The average power consumption is at circa 7 W, though its TPD is 15 W.
-
I have 2 x Qotom i5-5250U (4-port) at home , 8G Ram + 64G M2.
They do 1Gb wo. problems (iPerf tested)But i switched to Qotom i3-7130U (6-port) at work , primarily due to the higher clock frequency. At work they're doing multiple OVPN tunnels, and OVPN is single threaded, where higher CLK means more throughput.
My Q's came with windows preinstalled , and i booted one up for fun (worked). The rest was immediately installed w. pfSense from USB stick.
I'd stay away from the J1900
/Bingo
-
@viragomann i5-4200U is itself 7 years old, based on a 9 year old architecture. They tend to be at least 30-40% more expensive than the J1900 solutions, and at that point I don't see it as really compelling over a much newer part for just a little bit more. (Haswell has AES-NI, but it's a much older and less efficient/slower implementation, lacks sha extensions, etc.) So if I'm not making the J1900 value play, I'd rather have (e.g.) a C3558 or i3-7100U than an i5-4200U for just a little bit more. YMMV.
-
@VAMike
The i5-4200U is that one I purchased 3 years ago. It won't be available anymore today, but you may get a newer i5.
An i3-7100U may be a good choice as well. -
@viragomann yes, there are a lot of newer and higher performing devices than J1900. The point was that the J1900 hangs around because for much of the world they are the cheapest option by a margin large enough to be significant if someone's on a budget. (For US customers an APU2 is cheaper, but internationally might cost 2x the J1900.) If the J1900 is fast enough for what you're trying to do, it can be hard to justify spending more whether or not you get more. Personally, my home firewall spends most of its life sitting around mostly idle, and if I got a faster one it would just be more idle. (For the record, it isn't a J1900, and I'm not speculating in J1900 futures. :) )
-
@VAMike
What about the missing AES-NI instructions on the J1900 (and future proofing)
I know it's not a pre-req for 2.5 anymore, but ...I would rather pay a little more for a i3-7100U , than getting a unit that migbt be obsolete in 2 years.
But as you say , if there is a really tight budget .. The J1900 wound prob. do for a year or two.
/Bingo
-
@bingo600 If you are doing straight firewalling, no vpn, then crypto performance is meaningless. If you're doing something that does require crypto performance, than that would obviously be a factor.
In general, "future proofing" in this industry is a waste of money. If you can buy something that lasts 2 years (and realistically, there's probably no reason a J1900 firewall couldn't last 5 years, or 10 years unless you suddenly get a major bandwidth boost--home firewall just isn't a hard problem) it'll almost certainly be cheaper to buy something better later when you need it than it is to buy that same level of performance now. And there's a really good chance that whatever drives you to need to upgrade a few years down the line is something you couldn't/didn't anticipate now, so you'd have to buy another one even if you had overspec'd today. This is even more true for highly integrated devices than for larger builds, because incremental upgrades tend to be really hard. For example, if your big future ISP upgrade requires a 2.5 or 5gbps interface and your SBC router only has 1gbps interfaces, it doesn't matter if the CPU powerful enough to do 10gbps--you're going to end up needing a new device. Or maybe the hot thing will be some kind of 6G internet that you can only really take advantage of if you plug an adapter in via USB 3.8gen57 or thunderbolt and you're stuck with old school USB 3.0. (High speed external adapters tend to not be a focus area for current-gen mini-pc routers...)
In the end, if getting an i3-7100U works for you, great, get that. My pushback is against the notion that anyone who doesn't must be stupid.
-
@VAMike said in J1900 performance:
If you are doing straight firewalling, no vpn, then crypto performance is meaningless. If you're doing something that does require crypto performance, than that would obviously be a factor.
I'm a bit confused here.
While your statement above is correct, i was under the impression that the early announcement of 2.5 with the AES-NI requirement.
Would have prevented you from upgrading to 2.5.IMHO that would have meant that we're not talking about crypto performance anymore. But about being able to use (upgrade to) the latest pfSense software.
/Bingo
-
@bingo600 there was a later announcement that AES-NI would not be required. I bought an E3845 because of that, and gave it away as the newer J1900 h/w run much cooler and didn't make any difference for me and small family. JKnott did say he was the only user, so hard to imagine how he will stress the box more than my small home/office environment.
-
I just got my 500/20 Mb modem set up. I get 559.79 down and 21.63 up. Did my message appear faster?
