Messages

Do you think some version of Ryzen embedded (may be something based on new Zen 5?) will be able to handle  full 10 Gbps port to port throughput in a lower power form factor like DEC750?

Well, hopefully something can change for the better. There are open source routers, but I haven't really seen open source switches, especially for home networks (not talking about datacenters) and even more so when it comes to 10 Gbps / SFP+ switches.

May be once AMD embedded CPUs will progress far enough to handle multiple 10 Gbps ports in a small form factor package, there won't be a need for any closed ASICs.

This switch/router, depending on which version of OS you use like RouterOS / SwitchOS will behave as switch or router. That OS is optimised to use a discrete switch chip, in this case a Marvell 98DX3236. You see now the main difference, switches have a switch chip.The OS can offload switching packets duties to said chip.
OPN on the other hand is an OS that is not leveraging these chips in a general-purpose amd64 machine that doesn't have them, so it has to do all the switching/forwarding using the CPU as Patrick said.

I mean if Marvell 98DX3236 has open drivers, how hard is it to add support for it in FreeBSD / Opnsense? Or there are no chips with open drivers like that?

UPDATE:

I see this: https://lore.kernel.org/lkml/20170106041517.9589-1-chris.packham@alliedtelesis.co.nz/T/

OPNsense does not support any proprietary switch hardware.

There are no open specs for ASICs that can do that kind of task? I.e. may be Deciso can develop one and then it can be supported by Opnsense.

It cannot. All packet forwarding is done by the main CPU.

How does it work on real swtiches (something like Mikrotik CRS305-1G-4S+IN), it uses extra hardware to offload the CPU?

What about managed switches? They run their own OS anyway. Can Opnsense work just for switching purposes or it's not optimized for it?

While DEC750 - 850 are nice devices, they only have 2 SFP+ ports. Would you consider making a small form factor switch with 4 or more SFP+ ports?

It seems possible since Mikrotik made CRS305-1G-4S+IN which has 4 SFP+ ports and is using way lower end hardware than DEC750. It would be nice to have such kind of switch but running open source system like OPNsense.

Thanks!

I see, thanks.

It's still not very clear.

Let's say I have such scenario:

* One 10 Gbps SFP+ on DEC750 is connected to WAN.
* Another 10 Gbps SFP+ port is connected to a switch (that supports 10 Gbps).

Some device is connected to that switch as well.

What would be the total throughput between that device and WAN if firewall is active?

Official Opnsense hardware like DEC750 lists two metrics: firewall throughput (10 Gbps for it) and firewall port to port throughput (8.5 Gbps for it). What exactly is the difference and what does it mean?