OPNsense Forum
English Forums => Hardware and Performance => Topic started by: Sparkey on September 19, 2023, 06:35:20 pm
-
Greetings,
I am getting a fiber for the business and it is up to 10 Gbps. We have not chosen what to use as hardware and which speed of internet as of today. We are offered a Copper RJ45 hand off and have a choice of 100/1/2.5/5/10Gbps symmetrical. Internally we would like the LAN part to be a 10Gbps copper RJ45 connection as well. I would like to know what hardware OPNsense recommends or forum users that have already tested similar hardware. I have IDS IPS enables via Proofpoint.
Thanks in Advance!
Sparkey
-
By all means get a system with SFP+ ports. And connect to the switch infrastructure via fiber, patch "cables" are cheap as are SFP+ modules if you buy from fs.com. 10G copper runs awfully hot and is not nearly as reliable.
That being said, pick from any of these options according to the specs and your IDS throughput needs:
https://shop.opnsense.com/product-categorie/hardware-appliances/
-
Thanks! I will check to see if they have a fiber hand off and do the SFP+. Is the 10Gbps SFP+ module run host as well?
Sparkey
-
Is the 10Gbps SFP+ module run host as well?
host? hot?
10G SFP+ copper run hot. 10G SFP+ fiber are ok.
My experience, YMMV. But even without a proper fibre infrastructure I came to the conclusion that for trunk/backbone ports inside a single cabinet fiber rules.
-
I believe it was STH who ran into the issue of having to space out RJ45 SFP+ modules on their switches due to the amount of heat they generate.
SFP+ gear is a lot more common and cheaper than 10g rj45. The only reason I can think of for going with copper for 10g is attempting to use existing building wiring. If that's not the case, I would stick to SFP+.
For shorter runs you can use DACs instead of fiber but that would be primarily internal to a rack or from one rack to the next. Once you get over 10-15ft you start having issues. I originally tried a longer DAC because I didn't want to deal with fiber but that ended up being painful and I had to get a custom DAC made. Since I was at the limit for passive DAC, I assume that was the source of my issues. I ended up switching it out for fiber and that was both cheaper and easier, albeit slightly more fragile.
Patrick, I'm curious why you don't use DACs for internal rack runs.
-
@CJ, if both ends are different manufacturers I prefer to get properly branded modules from fs.com and fiber "cables" separately. Also, if a DAC gets damaged, the financial loss is much higher than for a strand of fiber.
-
@CJ, if both ends are different manufacturers I prefer to get properly branded modules from fs.com and fiber "cables" separately. Also, if a DAC gets damaged, the financial loss is much higher than for a strand of fiber.
I will admit that I'm relatively new to the SFP+ world, but I've been using generic transceivers and DACS. The only time that didn't work was the long DAC I mentioned previously. That one required custom ends and was actually from fs.com.
I'm not sure what you mean by the financial loss for DAC being higher than fiber. Do you just mean that that if the fiber gets damaged it's cheaper to replace that because you can use the same transceivers? Does that happen often? I would assume the risk would be lower with DAC since they're not as fragile.