Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SG-2440 Gigabit performance

    Scheduled Pinned Locked Moved Hardware
    2 Posts 2 Posters 553 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      orangetree
      last edited by

      I was recently upgraded from 600 to 1gbps at my home office but although i was clearing 900+ directly to the ISP device. I wasn't getting more than about 580 directly plugged into the 2440, and the CPU was hitting 95%+ during speed tests.

      I searched and saw another post here asking about the SG-2440 and similar gigabit under-performance; and it sounded like as long as it wasn't using PPPoE it should be able to do more than what the asker was getting, but it wasn't clear how much more.

      I did some additional testing and found that disabling bandwidthd opened me up to about 800mbps. Disabling a few other things (HAproxy, OpenVPN server, made no noticeable difference)

      Does this sound like about the right limit for an SG-2440 or is there likely something I can do to get more from it? If I upgraded to a 3100 or 5100 would I see the same throughput im getting from the ISP device? (900+)

      Also, I've got 2 more SG-2440 our offices; so as gigabit service becomes available at those sites, I'd like to know what to expect. They're currently connected via site-site open vpn. What's the likely openvpn throughput if we were to have gbps (up and down) at both sites through a pair of SG-2440? (vs what we might get from an upgrade?)

      -thanks,
      Dave

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by stephenw10

        The SG-2440 should pass traffic at (or close to) gigabit line rate for firewall and NAT in ideal conditions. Usual caveats apply of course.
        However it cannot do that for a PPPoE connection because of the single NIC queue restriction that applies there.
        Setting net.isr.dispatch=deferred can help a lot in that situation though. See:
        https://docs.netgate.com/pfsense/en/latest/hardware/tune.html#pppoe-with-multi-queue-nics

        Steve

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.