OPNsense Forum
English Forums => Hardware and Performance => Topic started by: TomT on April 21, 2021, 04:25:36 pm
-
Hi,
Currently I'm running on a Qotom J1900 box with 8GB Ram and 128SSD.
Most things seem to be fine, but I'm getting the odd slow issue on a wireguard VPN.
It's not all the time, so I do think it could be the PIA server I'm connecting to.
However, is a J1900 OK for a 80/20 FTTC circuit doing PPPoE, 1 x IPSEC, 1 x Wireguard VPN and multiple clients ?
I've moved from pfsense which is running on a GX-420CA ( aes-ni supported ) with 8GB, 128GB SSD, 2 x Intel gigabit nics and 2 x Realtek gigabit nics with the same config. I've not had any issues with that box or the nics.
Would that be a better box to run opnsense on ?
Thanks
-
Anyone any thoughts on this?
Would the GX-420CA perform better?
Thanks
-
In raw single core performance I think the J1900 is slightly faster but otherwise, pretty close. However the lack of AES-NI on the J1900 would mean that any OpenVPN throughput would be much lower. So it kind of depends on your use case.
Personally, I'd look to move up to a slightly newer platform with better single core turbo clockspeeds and AES-NI built in. Something like a J3455 or the newer J4105 or J5005.
-
Thanks for the advise.
I am starting to look at a new box to run this on.
Would an i3 6157u (dual core) be better than a J5005 ?
Cheers
-
You may have a look at used Dell Optiplex SFF (small form factor, very important to install additional NICs, the box itself has only one NIC). Quite cheap and with 1-2 Intel NIC cards you can have a lot of interfaces.
eBay and used hardware retailers should offer lots of those boxes.
For 80/20 you don't need a lot of power...
-
I've used one until the VPN speed was unbearable. I tunnel all outgoing traffic over 5x load balanced tunnel but the box could not handle it. Now i added a dedicated 4x NIC (3x LACP to switch, 1x WAN) and virtualized OPNsense on my Poweredge T630.
Also bought a second hand 1u server (to much pain when i need to google something when the T630 is down), planning to slap in a 10GB qlogic nic for LAN and use the onboard 1GB for WAN.
Bought a cheap i5 (with AES-ni) off of ebay, testing out the performance in the next weeks.
-
Hi,
I've moved over to the GX-420CA box and all seems to be working fine.
Thanks