I just recently got a new ISP and new internet speed 1200/600, my current firewall with opnsense can not handle the speed (AMD GX-412TC SOC), I have been looking for a new firewall (opnsense + 2.5 Ethernet) and found several with the Intel N100 CPU (2023).
I was wondering if this CPU is good enough to handle the Internet speed and if there is overhead?
The problem is Opnsense, as the BSD kernel used is doing single thread network routing. So the APU can saturate 1gbit with multiple connections/threads or if you switch to a firewall with a Linux kernel like OpenWRT.
That said, a N100 probably does have enough single thread performance to do 1.2 Gbit. Not sure about the full 2.5gbit though.
Thank you for the answers. I enjoy opnsense, it’s easier to use then openwrt for me personally.
I was thinking to do some testing of the new device before I replace the old one. But I wanted to hear if anyone has experiences.
I looked at CPU benchmark net, and saw that N100 is about 8 times faster then the AMD SOC. I’m not sure if this is linear with performance increase. Currently max download is about 600-700 while upload is 300-400.
I would try pfsense. Definitely no need for new hardware.
Yes.
Edit: How pathetic. It’s software. Keep trying to convince him to buy new hardware when he doesn’t need it.
Again, no.
Not when they’re hostile to their end users and other projects for no reason.
Yes.
Found the Pfsense employee lol
Why?
How are you measuring your speeds? I think cloudflare speed tests were more accurate for me then ookla, but in the end downloading a large file over usenet gives me the best picture
Edit- and that made me realise my ssd was a bottleneck, replacing that helped me go from 500-600 to about 900-950 on my gigabit connection
Which is why tests like these should be done in ram.
I tested with seedtest-cli, libre speed test and downloading a big file (with a combination of different devices). The CPU immediately goes to 100%
When I use the ISP box directly I get full speed.
I’m using a virtualized opnsense on an n100 and it handles my 1.5gb line fine.
That you very much for the answer.
Can I ask why you are doing your firewall virtualized? I never understood why people do it, for me using bare metal has more advanced.
Honestly I’m a big fan of openWRT as it can give very good performance on cheap and used hardware.
I’ve never used it on amd64 but it may be worth a shot.
I used devices from gl iNet, the devices are good, but I find the UI of opnsense way better (compared to advance ui of openWRT) and updates are directly from opnsense.
I still have them for smaller network tests but for some reason I never got close to it. Probably another reason is that my brother uses opnsense too, if we have any issues we can ask each other for help.
Is there a good gui suggestion?
It comes with a fairly extensive GUI
Last time I used Luci gui was like 12 years ago. How has it improved since?
I haven’t been using it for 12 years but right now the Luci GUI is the most extensive router GUI I’ve used.
deleted by creator