OPNsense Forum

English Forums => Hardware and Performance => Topic started by: TomT on April 21, 2021, 04:25:36 pm

Title: J1900 is it suitable ?
Post by: TomT on April 21, 2021, 04:25:36 pm

Hi,

Currently I'm running on a Qotom J1900 box with 8GB Ram and 128SSD.

Most things seem to be fine, but I'm getting the odd slow issue on a wireguard VPN.
It's not all the time, so I do think it could be the PIA server I'm connecting to.
However, is a J1900 OK for a 80/20 FTTC circuit doing PPPoE, 1 x IPSEC, 1 x Wireguard VPN and multiple clients ?

I've moved from pfsense which is running on a GX-420CA ( aes-ni supported ) with 8GB, 128GB SSD, 2 x Intel gigabit nics and 2 x Realtek gigabit nics with the same config. I've not had any issues with that box or the nics. 

Would that be a better box to run opnsense on ?

Thanks

Title: Re: J1900 is it suitable ?
Post by: TomT on April 21, 2021, 10:44:47 pm

Anyone any thoughts on this?
Would the GX-420CA perform better?

Thanks

Title: Re: J1900 is it suitable ?
Post by: opnfwb on April 22, 2021, 09:27:31 pm

In raw single core performance I think the J1900 is slightly faster but otherwise, pretty close. However the lack of AES-NI on the J1900 would mean that any OpenVPN throughput would be much lower. So it kind of depends on your use case.

Personally, I'd look to move up to a slightly newer platform with better single core turbo clockspeeds and AES-NI built in. Something like a J3455 or the newer J4105 or J5005.

Title: Re: J1900 is it suitable ?
Post by: TomT on April 23, 2021, 09:40:08 am

Thanks for the advise.
I am starting to look at a new box to run this on.

Would an i3 6157u (dual core) be better than a J5005 ?

Cheers

Title: Re: J1900 is it suitable ?
Post by: chemlud on April 23, 2021, 09:49:53 am

You may have a look at used Dell Optiplex SFF (small form factor, very important to install additional NICs, the box itself has only one NIC). Quite cheap and with 1-2 Intel NIC cards you can have a lot of interfaces.

eBay and used hardware retailers should offer lots of those boxes.

For 80/20 you don't need a lot of power...

Title: Re: J1900 is it suitable ?
Post by: ezra55 on April 26, 2021, 07:06:10 pm

I've used one until the VPN speed was unbearable. I tunnel all outgoing traffic over 5x load balanced tunnel but the box could not handle it. Now i added a dedicated 4x NIC (3x LACP to switch, 1x WAN) and virtualized OPNsense on my Poweredge T630.

Also bought a second hand 1u server (to much pain when i need to google something when the T630 is down), planning to slap in a 10GB qlogic nic for LAN and use the onboard 1GB for WAN.
Bought a cheap i5 (with AES-ni) off of ebay, testing out the performance in the next weeks.

Title: Re: J1900 is it suitable ?
Post by: TomT on April 27, 2021, 12:36:43 pm

Hi,

I've moved over to the GX-420CA box and all seems to be working fine.

Thanks