Hi all,
I'm thinking of replacing my Intel N series Chinese job for an official DEC750, the newer one with 2.5G Ethernet.
I'm used to doing all sorts of tunables for the N series.
I was wondering, if I wanted to put Community Edition on it, what would I need out of the box after a fresh install?
It would be used for routing only via SFP+, 5 gig (leased line), no NAT, or IDS or anything.
I'm assuming the AMD chipset as a minimum but just wondered what else I might need. I read about configuring RSS etc, but thought I'd ask the experts.
Thanks for any input.
p.S: it's 5Gb on a 10Gb bearer, so both sides are 10Gb.
If you use the N100 and higher series just for L3/L4 FW and routing it should have enough performance to route 5 to 10G.
You actually don't need to do anything out of box per say, if you choose such device that has fully supported NICs. There is a simple rule "do no tune for the sake of tuning." Tune only if you really need it.
Just be aware of few things:
1. Get a miniPC that has supported NIC, this goes for the TE and well SFP+
2. Be aware of temps. These miniPCs are small and SFP+ can increase temps quiet a lot of them.
3. Stability is sometimes questionable in regards of memory. You could hit such a box that will have problem with memory modules and you will have to try out various ones.
Regards,
S.
This is exactly why I'm looking at the DEC750.
I'm using an N100 in a business scenario already, which recently is displaying odd behaviour.
The price of the DEC is acceptable to the business, but I prefer to run community edition.
Rather than buying more Chinese variants on AliExpress, I'd rather get supported hardware for the job and hope, it just works.
I appreciate I'd have to fiddle with importing the config due to interface names, but hoping the DEC750 can directly replace the N100...which does currently route the 5 gig with no issues.
One of the best things about DEC is they provide specs. Specs in regards of performance.
System Performance
Firewall Throughput 10Gbps
Firewall Packets Per Second 830Kpps
Firewall Port to Port Throughput 8.5Gbps
Firewall Port to Port Packets Per Second 719Kpps
Concurrent Sessions 7000000
Firewall Latency (average) 150us
Firewall Policies (Recommended Maximum)1 10000
IPsec VPN Throughput (AES256GCM16) 1.2Gbps
IPsec VPN Packet Per Second (AES256GCM16) 107Kpps
Threat Protection Throughput Packet Per Second ~85Kpps
Threat Protection Throughput ~1Gbps
High Availability with State Synchronisation Requires Two
These specs are created by testing, their HW on their OS (OPNsense). So there is a guarantee that if you buy the official HW you should get this performance. When you buy the DEC it comes with 1y of BE, but nobody is stopping you to slap there CE right away. There is a lot of ppl that run DECs but using CE on them cause they like to get the newest features.
The MiniPC knockoffs are not bad, I am happy to see that we can run OPNsense on various HW. But if you do not want to tinker, or have enough of potential random stuff, going for DEC is the way.
Even tough I am running all my stuff of these knockoffs, I will always advice to go for DEC. Cause its a quality device and looks sexy. And not everyone has the strength to tinker.
Regards,
S.
I also agree.
I'm currently running 4 different OPNSense on the Chinese hardware, with no major issues, but as this is so critical for work, I think I'd feel better with a DEC.
The device in question is an R86S-G2, which has a super weird issue it has developed with one of the SFP+ ports which can be resolved by rebooting x number of times, but causes me a headache after upgrades. I have ordered another one, but it's going to take a month to get to me, so thought, why not just buy a DEC.
I'll look into ordering the DEC750 tomorrow, and see if I can import my config....
I have a few DEC750 and I run development, community and business versions on them and scrap their setups all the time to build new test setups.
One also runs as my main router with the community version.
Theres no limit in which software you can run. Its also very stable, nothing weird ever happens.
(Disclaimer I work for Deciso)
Migrating config between HW is actually easy, usually.
What you need to know is what are the names of the NICs on the new device. On you have it you just edit your config and replace the current interface name with the new one. After that you import it to new device, reboot and done. This is how I migrated HW from (APU) igb to (N5105) igc.
Regards,
S.
Quote from: Monviech (Cedrik) on December 07, 2025, 09:21:43 PMOne also runs as my main router with the community version.
I will nitpick :D.... Your signature says you use the older 740...
Regards,
S.
This might have a work-around (I'm curious to know) but my concern about DEC750 is the single USB port. The procedure for importing configs on a fresh install requires two ports in tandem: https://docs.opnsense.org/manual/install.html#opnsense-importer
Can you just pull out the live installer USB and insert the second one when prompted, then swap back?
Also curious: Ryzen V1500B supports ECC. Is it used?
Otherwise, from what I can tell, the N100 and embedded Ryzen are quite similar with tradeoffs mainly in clock speed (routing) vs. threads (VPN capacity, etc). Slight edge to N100 for power draw. Probably the edge goes to Ryzen for stabilty and lack of "quirks."
Design, hands down, goes to the DEC. If I have the budget for it, that is the device I would prefer to look at :)
The DEC740 is not older its the same as the DEC750 with 4GB/128GB instead of 8GB/256GB.
Regarding restore I usually advice to disregard the config importer during installation and just import in the WebGUI afterwards, way easier (for me).
As far as I know ECC isnt used.
Quote from: Monviech (Cedrik) on December 07, 2025, 10:06:58 PMThe DEC740 is not older its the same as the DEC750 with 4GB/128GB instead of 8GB/256GB.
Oh yes you are right!
I always forget there are 2 versions of DEC per its class.
Regards,
S.
I have ordered one this morning, FedEx priority shipping to the UK, so hope it will be here soon.
Fingers crossed...
Nice I hope you will like it, I think its great hardware.