How many years of operation can I expect from an SG-2220?



  • I'm a home user and I want to grab an SG-2220 along with an internal WiFi card to replace my DSL gateway.

    pfSense does everything I need and a whole lot more but this is a 374USD purchase and I want to know how many years of operation can I expect from it.

    All consumer-grade gateways I've had worked fine for 2-6 years and then something always broke. I'm talking about appliances you can get off the shelf for 50-170USD. All of them, eventually, stopped working. One Phillips gateway couldn't synchronize with the ISP at all. A D-Link never managed to work properly and really didn't like port-forwarding. A Thomson one day decided it would stop booting. A Zyxel had one Ethernet port go dead, port-forwarding stopped working, and doesn't always synchronize with the ISP (yes, a Zyxel, this was the one that cost 170USD). From what I've been told these were all hardware failures (capacitors going bad, for example) and they told me that all gateways eventually break because they operate 24/7, plus they get the occasional power surges.

    So my question is: how long can I expect the SG-2220 to keep working without something breaking on the hardware?

    And in addition to that, for how many years will I be able to run the latest pfSense version?

    My common sense can answer the second question: for as long as the CPU and RAM of the SG-2220 manage to run pfSense decently, with the kind of load I put on it. Since the feature I plan to use is just a blocklist, and I only have 3 machines connected (a desktop, a small playbox server, a smartphone), seems like 7-10 years is not a bad expectation.



  • I'm a home user and I want to grab an SG-2220 along with an internal WiFi card to replace my DSL gateway.

    Then it would be a really good choice to get also some other things on top of this or besides.
    A proper ADSL, ADSL2+ or VDSL modem likes the following ones;

    • Draytek Vigor 130
    • ZyXEL VMG1312

    A smaller or greater network switch to connect the other devices in the entire LAN.
    Negear GS105E
    Netgear GS108E
    Netgear GS108Tv2
    Cisco SG105D-05
    Cisco SG200-08
    Cisco SG300-10

    The SG-2220 unit is a pfSense firewall but without a modem and so it would be not really matching
    a replacement for a ADSL gateway. The most home users thing they got a plastic router for something
    around ~$50 - $200 and with that they were reaching the maximum of speed from their Internet connection.

    And now for the same money something must be doing the same but running pfSense on it as an
    alternatively firmware, it isn´t so. Because pfSense is a software firewall based on x86 (32Bit & 64Bit).

    pfSense does everything I need and a whole lot more but this is a 374USD purchase and I want to know how many years of operation can I expect from it.

    All is pending on what are your real needs. Please tell us more about the;

    • installed packets you want to run
    • services and functions you offer and need
    • the Internet connection speed of your Internet line

    All consumer-grade gateways I've had worked fine for 2-6 years and then something always broke.

    Each hardware can have a failure and is not made to run forever. Neither in computing nor in networking.
    The older Alix boards were running at the most home set ups for 5 - 6 years fine, but likes all other software
    also together with pfSense something newer is inserted and will need also more horse power or must be
    stronger to have it running smooth and liquid. It is likes it is, of you are fine with pfSense only and
    pfBlockerNG it would be enough for many years in my eyes for sure. If you want even more and more
    packets to be running on that unit you should consider the SG-2440 units perhaps.

    I'm talking about appliances you can get off the shelf for 50-170USD. All of them, eventually, stopped working. One Phillips gateway couldn't synchronize with the ISP at all. A D-Link never managed to work properly and really didn't like port-forwarding. A Thomson one day decided it would stop booting. A Zyxel had one Ethernet port go dead, port-forwarding stopped working, and doesn't always synchronize with the ISP (yes, a Zyxel, this was the one that cost 170USD). From what I've been told these were all hardware failures (capacitors going bad, for example) and they told me that all gateways eventually break because they operate 24/7, plus they get the occasional power surges.

    This SG-2220 unit is not so long on the market that long time experiences from users could be expected.

    So my question is: how long can I expect the SG-2220 to keep working without something breaking on the hardware?

    How many years you will drive your next car? Or how long your next TV will running for you?

    And in addition to that, for how many years will I be able to run the latest pfSense version?

    What is coming in the next pfsense version 2.3, 2.4, 2.5 and 2.6?
    Do you know it really today? Or do you think the developers will be
    able to say in version 2.8 the SG-2220 will be outdated?

    My common sense can answer the second question: for as long as the CPU and RAM of the SG-2220 manage to run pfSense decently, with the kind of load I put on it.

    If you have a 1 GBit/s WAN line it would be perhaps better to think about it and go with another greater modell
    from the SG-units. In normal you will be able to tell it likes that: How much stronger that hardware will be,
    that longer pfsense will be running on it. For sure that is a really flat information, but what is coming all the
    next years to us? What is inserted in the pfSense versions? What new Internet speed will be set up by new
    methods or technical things? Nobody knows it really.

    Since the feature I plan to use is just a blocklist, and I only have 3 machines connected (a desktop, a small playbox server, a smartphone), seems like 7-10 years is not a bad expectation.

    And what is your next;

    • Internet line rate? Perhaps with a new technology something around 5 GBit/s then?
    • Your next smartphone generation will be having and owning VR and a hologram as the screen?
      But that needs then another router or firewall or Internet account! And then?
    • Your next PC is strong as now other one and 2,5 GBit/s or 5 GBit/s ethernet ports are common and normal
      and then?
    • In the next five years OpenSource software will be prohibited and then?

    This SG-units are to new on the market that nayone can tell you something around likes a long term
    testing or result of long time usage. Perhaps the pfSense developers or pfSense store guys would be able.

    But from what I was seeing here reports it is a fine series and strong and powerful enough is it is right
    sorted, for only firewall and blocking some sides it would be fine for you. With 1 GBit/s at the WAN,
    more Internet accounts then one, more heavy usage and installing many packets I would more have
    a look to the SG-2440. Dan Kinble jr. is selling his SG-2440 unit, perhaps you might be getting a cheap
    shot! Good luck for it. SG-2440 on sale



  • My connection is 24-mbit download, 1-mbit upload.

    The features I expect to use is: a firewall with port-forward (what you find in most DSL gateways) and a blacklist of hosts and addresses. pfBlockerNG seems the obvious choice for the blacklisting.

    Just to make sure I got you:

    Noone knows how much the hardware will last since it hasn't been that long out there. Also noone knows for how long I'll be able to run the latest pfSense version.

    However… If I stick with a WAN connection under 1-gbit and all I do with the unit is have those two tasks, I can keep the unit running on the latest pfSense for quite a long way to come. And since my WAN connection is in the mbit-class, I could try a few more power "hungry" operations, like a VPN.

    Have I got this right?



  • Alot of hardware comes with an MTBF (Mean Time Between Failures) calculation.  If the manufacturer releases that, that's how long, generally speaking, the hardware will last in hours.  Hardware sometimes comes with a support matrix also - for how long it will be supported by the company.  I don't see either for the pfSense hardware yet.

    MTBF can be calculated based on what components are within the system's hardware; you wouldn't have to run it for years before it could be calculated.



  • So I need to track the hardware they use and see if the OEM releases a MTBF?

    Boy, that sounds complicated. I'll give it a shot.



  • In general, server grade hardware, or something with long term support tends to last longer.
    I have a Dell PowerEdge 860 with 1GB DDR2 + 160GB SATA running in a DataCenter, you know what? It's being put on the shelf since late 2006, the machine up & running for 9 years and none of the parts broken down (I queried the SMART report, the HDD is still fine with 80K hrs running time!). The SG-2220 is made of C2358, kind of server grade component, your external PSU for this might break down but in general I won't expect this firewall to fail  within 5yrs under proper usage.

    Tell you another story, the most original Linksys 54G router, which is capable to run DD-WRT, is still serving in my father's home! It started server in my office and when they give this up I flash new firmware, now it's sitting on my father deskt and running fine! (That one probably served > 10yrs)



  • I can't speak for the SG-2220, which I am sure is a good piece of hardware, but cheap consumer-grade gear in most homes are designed to only last a few years.

    I've just switched over to fibre, but before that had a Draytek 110 ADSL modem which was second hand when I bought it, and it lasted 8 more years with one wall-wart power supply replacement (a common failure point for cheap hardware) and one replacement capacitor (also a commone failure point) just 3 weeks before fibre installation. My old router (WRT54GS) has also needed new caps over its long life span. It's still serving as a wireless AP, although its routing function has now been superceeded but pfSense :)

    If you hear a new high-pitched, almost inaudible whine from an electronic component which has stopped working, chances are a capacitor has gone bad. Fortunately, with a modicum of skill and patience, most are readily user replaceable



  • If you hear a new high-pitched, almost inaudible whine from an electronic component which has stopped working, chances are a capacitor has gone bad. Fortunately, with a modicum of skill and patience, most are readily user replaceable

    Thats right, but in normal and also really common a capacitor is drying out over the years of work and then
    it is failing based on that circumstance. You can surely feel free to let someone solder some solid caps on that
    place and they will go for a really longer time without no problems. But if one of that if then also failing too, that
    are not the things the OP is talking about in my opinion, that are things that would be solved surely fast by using
    better or common laptop PSU or solid caps for longer life. See Apple or Nokia there are not even or typical
    cheap brands and have failings like other vendors too.