500/500 mbit hardware.



  • Hello.
    I will soon receive a upgrade of my internet connection.
    The hardware i'm looking at buying is a Intel Celeron G1610.
    I have a motherboard for this, and a lot of Intel PCI NICs laying around( i work at a DC)

    Today im running openVPN and the standard features. pluss 3 seperate subnets that are routed seperate.

    Will this work fine? I want to be able to hammer the connection 24/7 with no hassle.


  • Netgate Administrator

    You want to be able to do OpenVPN at 500Mbps in both directions simultaneously?

    Steve



  • Nah. I will limit vpn to 200/20 :)



  • maybe a demo of all that and more by the end of the week.



  • Okay?
    What do you mean exactly. Will you have a similar setup?



  • I mean I have a 1Gbps/1Gbps connection at my house now.
    And a dual-core C2000 (@1.7Ghz) system with Intel NICs, running pfSense 2.2-alpha

    From a recent test:
    Download Speed: 681730 kbps (85216.3 KB/sec transfer rate)
    Upload Speed: 649368 kbps (81171 KB/sec transfer rate)
    Latency: 2 ms
    Jitter: 2 ms

    I am currently hitting a CPU wall.  More as it develops, but we can already do 500/500 mbit with inexpensive hardware/
    (It's not in the store, yet.)



  • @gonzopancho:

    I mean I have a 1Gbps/1Gbps connection at my house now.
    And a dual-core C2000 (@1.7Ghz) system with Intel NICs, running pfSense 2.2-alpha

    From a recent test:
    Download Speed: 681730 kbps (85216.3 KB/sec transfer rate)
    Upload Speed: 649368 kbps (81171 KB/sec transfer rate)
    Latency: 2 ms
    Jitter: 2 ms

    I am currently hitting a CPU wall.  More as it develops, but we can already do 500/500 mbit with inexpensive hardware/
    (It's not in the store, yet.)

    Incredible numbers.  What is that?  The C2358?



  • 2358 @ 1.74GHz  two core version of the C2758.



  • Nice.  The 40% clock boost with the C2758 should be enough to get it to 1000/1000 even without the assistance of the other 6 cores.  Really looking forward to 2.2.



  • @gonzopancho:

    I mean I have a 1Gbps/1Gbps connection at my house now.
    And a dual-core C2000 (@1.7Ghz) system with Intel NICs, running pfSense 2.2-alpha

    From a recent test:
    Download Speed: 681730 kbps (85216.3 KB/sec transfer rate)
    Upload Speed: 649368 kbps (81171 KB/sec transfer rate)
    Latency: 2 ms
    Jitter: 2 ms

    I am currently hitting a CPU wall.  More as it develops, but we can already do 500/500 mbit with inexpensive hardware/
    (It's not in the store, yet.)

    Very nice.  Have you had a chance to benchmark IPsec/Openvpn?



  • The C2758 is a bit to pricy, when i already have a motherboard and ram for 1155 socket.. Any other CPUs under 150 USD that will do this?


  • Netgate Administrator

    The G1610 should handle your 500/500 connection without a problem but I don't know what it's VPN capabilities are. It's likely to be at least close to your requirement though. Perhaps go for an i3.

    Steve



  • @work_permit:

    @gonzopancho:

    I mean I have a 1Gbps/1Gbps connection at my house now.
    And a dual-core C2000 (@1.7Ghz) system with Intel NICs, running pfSense 2.2-alpha

    From a recent test:
    Download Speed: 681730 kbps (85216.3 KB/sec transfer rate)
    Upload Speed: 649368 kbps (81171 KB/sec transfer rate)
    Latency: 2 ms
    Jitter: 2 ms

    I am currently hitting a CPU wall.  More as it develops, but we can already do 500/500 mbit with inexpensive hardware/
    (It's not in the store, yet.)

    Very nice.  Have you had a chance to benchmark IPsec/Openvpn?

    Not really.  I'm running IPsec, but the other end just now is a 7541 (dual core Atom @ 1.8GHz, so ~~60Mbps throughput).
    This is also where AES-NI will finally be tested in real-world conditions.  (The other end will either be a VM on a machine that
    will support AES-NI, or a 2758-based box.)

    I also think that I can get to 1Gbps with a bit more tuning.  (We're fixing pf as well.  Found 12% improvement in pf (in the general case) last night.  Note that this is pf, in FreeBSD, not just pf in pfSense.)  This isn't specific to the hardware being discussed here, it's generic to pf, so it should apply across platforms.

    But first I need to move off the production firewalls.  :-)



  • @wtf1337:

    The C2758 is a bit to pricy, when i already have a motherboard and ram for 1155 socket.. Any other CPUs under 150 USD that will do this?

    I think an i5-2520m (<$50 used) should beat it. You can pair it up with something like this http://www.ebay.ca/itm/ADVANTECH-AIMB-272-MAIN-BOARD-/281364963292?pt=BI_Control_Systems_PLCs&hash=item4182a89fdc&_uhb=1 for $100 total.

    I have 6 boards and 4 processors at the moment but I can't test any of them. I haven't got my rigs set up yet.



  • @gonzopancho:

    I mean I have a 1Gbps/1Gbps connection at my house now.
    And a dual-core C2000 (@1.7Ghz) system with Intel NICs, running pfSense 2.2-alpha

    From a recent test:
    Download Speed: 681730 kbps (85216.3 KB/sec transfer rate)
    Upload Speed: 649368 kbps (81171 KB/sec transfer rate)
    Latency: 2 ms
    Jitter: 2 ms

    I am currently hitting a CPU wall.  More as it develops, but we can already do 500/500 mbit with inexpensive hardware/
    (It's not in the store, yet.)

    Nice.

    When Fibre is installed in my area I will likely go for the 1Gbps/100Mbits option and was curious what non-enterprise level hardware would manage that. Would like to see what you eventually manage on the system.



  • @gonzopancho:

    I mean I have a 1Gbps/1Gbps connection at my house now.
    And a dual-core C2000 (@1.7Ghz) system with Intel NICs, running pfSense 2.2-alpha

    From a recent test:
    Download Speed: 681730 kbps (85216.3 KB/sec transfer rate)
    Upload Speed: 649368 kbps (81171 KB/sec transfer rate)
    Latency: 2 ms
    Jitter: 2 ms

    I am currently hitting a CPU wall.  More as it develops, but we can already do 500/500 mbit with inexpensive hardware/
    (It's not in the store, yet.)

    Was the up and down ran separately or at the same time? I guess I'm curious as to how much 2.2 benefits from multi-core.



  • Depends on the traffic mix.



  • There is a local guy selling a HP ProLiant MicroServer AMD NEO N40L.
    You guys think this would be powerful enough?



  • @wtf1337:

    There is a local guy selling a HP ProLiant MicroServer AMD NEO N40L.
    You guys think this would be powerful enough?

    For +200Mbit/s of VPN traffic?  No, it's not.



  • Im also on a 1Gbit/1Gbit line.  On 2.1.4 in transparent bridge,  with SNORT,  pfblocker.  Having webserver, mail and some vps running behind it.

    I was surprised how demanding a gigabit line actually was,  i cannot max out  my CPU,  but its close when i throw all at it.  and if you are planning on 1Gbit and " want to be able to hammer the connection 24/7 with no hassle."  Then without beeing an expert in this i would recommend better hardware,  especially if you plan on using snort and other heavy packages.

    My build:  e3-1240 v2,  asus P8B-E/4L,  8gb ecc ram,  using the onboard 4 x 82574L.

    Before you buy hardware for this,  be sure to lookup the hardware to be sure its supportet :)