Data Point - maximum throughput of an Alix
-
I have had the opportunity of connecting an Alix to a Cisco ASR1001 and doing some full-speed throughput tests.
Details
Alix 2d2 with 256 MB running pfSense 2.1 stable
iperf version is iperf version 2.0.5 (08 Jul 2010) pthreads
Cisco ASR1001 IOS version 15.3(2)S advipservicesThese two tests are running iperf on the alix directly, in server and client mode separately.
The other end was a linux firewall running on centos 6.4, to iperf version 2.0.5 (08 Jul 2010) pthreadsTCP PPPoE Mbits/sec
DOWNLOAD 60.2 59.7 59.8 60.3 AVERAGE 60.0 Mbit/sec download
UPLOAD 62.1 61.8 63.2 62.2 AVERAGE 62.3 Mbit/sec uploadCommand line was
Client iperf -c 299.399.499.6
Server iperf -sUDP PPPoE Mbits/sec
DOWNLOAD 50.8 51.0 50.0 51.0 AVERAGE 50.7 Mbit/sec download
UPLOAD Couldn't make this workCommand line was
Client iperf -c 299.399.499.13 -u -b 110M
Server iperf -s -uThese next two tests are done over vr0 which is the untagged LAN. The PC was running linux, and connected via a cat5e straight cable into a gig intel NIC.
PC was running iperf version 2.0.5 (08 Jul 2010) pthreadsTCP LAN Mbits/sec
DOWNLOAD 86.5 86.6 86.6 86.5 AVERAGE 86.55Mbit/sec download
UPLOAD 94.5 93.9 94.1 94.3 AVERAGE 94.2 Mbit/sec uploadCommand line was
Client iperf -c 10.28.1.201
Server iperf -sUDP LAN Mbits/sec
DOWNLOAD 88.4 88.4 88.1 88.3 AVERAGE 88.30Mbit/sec download
UPLOAD 95.4 94.7 95.4 95.5 AVERAGE 95.25Mbit/sec uploadCommand line was
Client iperf -c 10.28.1.2 -u -b 110M
Server iperf -s -uFinally this was a NAT set up on the external PPPoE interface to send the iperf session to a desktop on the alix's LAN. This traffic is therefore through but not sourced or destined for the Alix. It is NATted by the Alix though. Client and Server were the two linux boxes already mentioned.
TCP NATted through Alix Mbits/sec
DOWNLOAD 86.4 86.6 86.7 86.6 AVERAGE 86.55Mbit/sec download
UPLOAD 65.4 64.6 65.1 65.3 AVERAGE 65.1 Mbit/sec uploadCommand line was
Client iperf -c 299.399.499.6
Server iperf -sUDP NATted through Alix Mbits/sec
DOWNLOAD Couldn't make this work
UPLOAD Couldn't make this workCommand line was
Client iperf -c 299.399.499.13 -u -b 110M
Server iperf -s -uNotes
- the NICs in the alix are 100 Mbit
- Load average while running a 3 minute test was well over 5.5
- CPU usage was nailed at 100% during these tests
- Webgui was sludgy and non-responsive until iperf test had completed.
Conclusion:
Alix can reliably exceed 50 Mbit over a PPPoE session.
Alix can do up to 95% of 100 Mbit wire speed, but its hard work.These tests say nothing about performance over a statically configured or DHCP based internet connection.
Any questions please ask.
-
Interesting, but gaining an IP address via DHCP isn't going to have a measurable effect.
Also, you may want to note that I won't let Netgate (or ESF) release results based on a direct RJ45 connection.
While it might represent decreased variance between test runs, it doesn't represent real-world conditions. -
@gonzopancho:
Interesting, but gaining an IP address via DHCP isn't going to have a measurable effect.
Also, you may want to note that I won't let Netgate (or ESF) release results based on a direct RJ45 connection.
While it might represent decreased variance between test runs, it doesn't represent real-world conditions.The point I was making is that 50 Mbit is pretty much as fast as an alix can be trusted to go.
It could do a lower maximum if you're running lots of packages and crypto.Also by using a direct ethernet, takes out any limitations imposed by the internet connection, my home VDSL gets 40/7 so I can't use that to find an upper limit for throughput.
In my city there is a new fibre network that is available at speeds of 30 or 100 Mbit, so an alix 2 would be fine for the 30 Mbit plan but not really up to the 100 Mbit plan.
The whole point was to find a ceiling value.
In other testing, we've found that a cisco 88x series router tops out at around 30 Mbit maximum, so they're really rather useless. This is handy information to have when scoping realistic hardware requirements.
By comparison, the local telco put in cisco 1800 or 1900 on anything up to 3 Mbit then Cisco 2900 on up to 30 Mbit. They're not cheap.
If you require fine-print, these results are mine, and may or may not reflect your actual experience. YMMV. If symptoms persist then see a doctor or registered medical professional. May contain traces of nuts. And don't ever trust Tower Insurance.