Throughput test N3150N-D3V



  • Since i`m not in a hurry to put my new board to work i wanted to do a throughput test.
    This also gives me time to get to know PFS before putting it on the frontdoor.

    The following was used:
    PC:
    Asus-Z87-A
    I5-4670K clock 4x 4.5 GHz
    Onboard NIC Realtek® 8111GR, 1 x Gigabit LAN Controller

    Laptop:
    PB Easynote
    I5-450M clock 2x 2.4 GHz
    Broadcom NetLink (TM) Gigabit Ethernet

    PFS:
    Gigabyte N3150N-D3V
    Onboard NIC Realtek® 8111G, 2 x Gigabit LAN Controller
    Standard USB (memstick) installation
    OpenVPN Server active
    OpenVPN export package

    TEST 1

    Laptop -> PFS -> PC
    LAN -> PFS -> WAN

    C:\iperf>iperf3 -c 192.168.11.10 -t 30
    Connecting to host 192.168.11.10, port 5201
    [  4] local 192.168.40.101 port 61595 connected to 192.168.11.10 port 5201
    [ ID] Interval          Transfer    Bandwidth
    #1
    [  4]  0.00-30.00  sec  2.58 GBytes  740 Mbits/sec                  sender
    [  4]  0.00-30.00  sec  2.58 GBytes  740 Mbits/sec                  receiver
    #2
    [  4]  0.00-30.00  sec  2.61 GBytes  747 Mbits/sec                  sender
    [  4]  0.00-30.00  sec  2.61 GBytes  747 Mbits/sec                  receiver
    #3
    [  4]  0.00-30.00  sec  2.58 GBytes  740 Mbits/sec                  sender
    [  4]  0.00-30.00  sec  2.58 GBytes  740 Mbits/sec                  receiver

    #4
    C:\iperf>iperf3 -c 192.168.11.10 -t 60
    Connecting to host 192.168.11.10, port 5201
    [  4] local 192.168.40.101 port 61610 connected to 192.168.11.10 port 5201
    [  4]  0.00-60.00  sec  5.17 GBytes  740 Mbits/sec                  sender
    [  4]  0.00-60.00  sec  5.17 GBytes  740 Mbits/sec                  receiver

    –-----------------------------------------------------------------------------
    TEST 2

    PC -> PFS -> Laptop
    WAN -> PFS -> LAN

    C:\iperf>iperf3 -c 192.168.40.101 -t 30
    Connecting to host 192.168.40.101, port 5201
    [  4] local 192.168.11.10 port 61595 connected to 192.168.40.101 port 5201
    [ ID] Interval          Transfer    Bandwidth
    #1
    [  4]  0.00-30.00  sec  3.31 GBytes  946 Mbits/sec                  sender
    [  4]  0.00-30.00  sec  3.31 GBytes  946 Mbits/sec                  receiver
    #2
    [  4]  0.00-30.00  sec  3.31 GBytes  946 Mbits/sec                  sender
    [  4]  0.00-30.00  sec  3.31 GBytes  946 Mbits/sec                  receiver
    #3
    [  4]  0.00-30.00  sec  3.31 GBytes  946 Mbits/sec                  sender
    [  4]  0.00-30.00  sec  3.31 GBytes  946 Mbits/sec                  receiver

    #4
    C:\iperf>iperf3 -c 192.168.40.101 -t 60
    Connecting to host 192.168.40.101, port 5201
    [  4] local 192.168.11.10 port 61610 connected to 192.168.40.101 port 5201
    [  4]  0.00-60.01  sec  6.60 GBytes  945 Mbits/sec                  sender
    [  4]  0.00-60.01  sec  6.60 GBytes  945 Mbits/sec                  receiver

    –-----------------------------------------------------------------------------

    In TEST 1 i suspected that the Laptop could not keep up.
    To find out i swapped the Laptop and PC and did a extra TEST 3.


    TEST 3

    Laptop -> PFS -> PC
    WAN -> PFS -> LAN

    C:\iperf>iperf3 -c 192.168.40.102 -t 30
    Connecting to host 192.168.40.102, port 5201
    [  4] local 192.168.11.11 port 63146 connected to 192.168.40.102 port 5201
    [ ID] Interval          Transfer    Bandwidth
    [  4]  0.00-30.00  sec  2.66 GBytes  763 Mbits/sec                  sender
    [  4]  0.00-30.00  sec  2.66 GBytes  763 Mbits/sec                  receiver

    PC -> PFS -> Laptop
    LAN -> PFS -> WAN

    C:\iperf>iperf3 -c 192.168.11.11 -t 30
    Connecting to host 192.168.11.11, port 5201
    [  4] local 192.168.40.102 port 63146 connected to 192.168.11.11 port 5201
    [ ID] Interval          Transfer    Bandwidth
    [  4]  0.00-30.00  sec  3.31 GBytes  948 Mbits/sec                  sender
    [  4]  0.00-30.00  sec  3.31 GBytes  948 Mbits/sec                  receiver

    –-----------------------------------------------------------------------------

    TEST 3 confirms that the Laptop is the limiting factor.
    In the Dashboard the CPU never came above 16%.

    For home use i`m pretty satisfied with this performance.
    If i find time enough i want to test OpenVPN routed client to client throughput also.



  • What version (2.2.x or 2.3) of pfSense did you load?
    Was it 32 or 64 bit?



  • It`s 2.3/64 bit.



  • Made time to test OpenVPN too.
    These tests where done from client to PFS to client.

    OVPN-Server:
    Remote Access (SSL/TLS+User Auth)
    udp
    tun
    tls static key 2048
    Diffie Hellman 2048
    Certs 2048
    Encryption AES-256-CBC
    Auth digest SHA512
    prng RSA-SHA512 32
    fast-io
    tls-version-min 1.2 or-highest
    No hardware crypto selected
    No compression

    OVPN-Client export:
    dev tun
    persist-tun
    persist-key
    cipher AES-256-CBC
    auth SHA512
    tls-client
    client
    resolv-retry infinite
    remote 192.168.11.200 1194 udp
    lport 0
    verify-x509-name "OVPN-SERVER-CERT" name
    auth-user-pass
    ns-cert-type server
    comp-lzo no
    prng RSA-SHA512 32
    tls-version-min 1.2 or-highest

    Clients connect with:
    Control channel: TLSv1.2 DHE-RSA-AES256-GCM-SHA384 2048 bit RSA

    PFS:
    System/ Advanced/ Miscellaneous - Cryptographic Hardware -> None
    VPN/ OpenVPN/ Servers/ Edit - Inter-client communication -> Allowed

    Command
    :iperf3 -c 10.0.10.3 -t 30

    With above config:
    [ ID] Interval          Transfer    Bandwidth
    [  4]  0.00-30.01  sec  534 MBytes  149 Mbits/sec                  sender
    [  4]  0.00-30.01  sec  534 MBytes  149 Mbits/sec                  receiver

    Above + System/ Advanced/ Miscellaneous - Cryptographic Hardware -> AES-NI:
    [ ID] Interval          Transfer    Bandwidth
    [  4]  0.00-30.01  sec  530 MBytes  148 Mbits/sec                  sender
    [  4]  0.00-30.01  sec  530 MBytes  148 Mbits/sec                  receiver

    Above + OVPN-Server BSD cryptodev engine:
    [ ID] Interval          Transfer    Bandwidth
    [  4]  0.00-30.01  sec  523 MBytes  146 Mbits/sec                  sender
    [  4]  0.00-30.01  sec  523 MBytes  146 Mbits/sec                  receiver

    Above + add to client and server:
    sndbuf 524288
    rcvbuf 524288
    Which gave:
    [ ID] Interval          Transfer    Bandwidth
    [  4]  0.00-30.01  sec  538 MBytes  150 Mbits/sec                  sender
    [  4]  0.00-30.01  sec  538 MBytes  150 Mbits/sec                  receiver

    Above + no encryption
    cipher none
    auth none
    [ ID] Interval          Transfer    Bandwidth
    [  4]  0.00-30.01  sec  967 MBytes  270 Mbits/sec                  sender
    [  4]  0.00-30.01  sec  967 MBytes  270 Mbits/sec                  receiver

    I think the results for encryption and no encryption speak for themself.

    I don`t need big speeds for my home use but if someone has a idea for why enabling/disabling engine makes no difference, i would like to read it.

    What is this setting doing? For what does it apply?
    System/ Advanced/ Miscellaneous - Cryptographic Hardware -> AES-NI
    I did not test with that setting off and enabling only BSD crypto in OpenVPN Server, will do that next time.


Log in to reply