Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    What does "firewall performance" actually mean?

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    2 Posts 2 Posters 487 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      Wpq
      last edited by

      Hello,

      I am considering replacing my home router (an Ubiquity ER-4) with a PfSense device, namely the SG-2100.

      I have a 1 Gbps / 400 Mbps fibre (in reality I get ~950/400 Mbps) and the SG-2100 specs mention 881/314 Mbps for "Firewall".

      Since this in an edge router, there is going to be

      • routing (from the LAN to the WAN, with a SNAT)
      • switching (between the ports)
      • possibly firewalling (I do not expect any)
      • port forwarding (DNAT)

      Which of these activities are the numbers for?

      I tried to find a technical description of these numbers but except for"look for more details below" I did not find anything (and "below" there were no more details).

      I saw that the ports are 1 Gbps and the backplane is 2.5 Gbps, which I believe relates to the switching capacities (which in my case are the less important ones)

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        If you have a "1G" connection you are going to want to step-up to the SG-3100.

        With an SG-2100 configured for outbound NAT and firewall like that you will not see 800Mbps when testing to, for example, speedtest .net from a client behind it.

        Steve

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.