Routing between VLANs: how fast Atom C3558 can push?

Started by 134, March 23, 2021, 08:41:57 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 23, 2021, 08:41:57 AM Last Edit: March 23, 2021, 08:46:45 AM by 134
I'm planning to build my home network around router-on-stick fashion with Opnsensen installed on a C3558 board, but i don't now what's the throughput Opnsense can route between network segments, mainly from my workstation to NAS in another VLAN.

I looked at performance of Netgate XG-7100 because it has same CPU and both projects probably are similar in routing capability. It says 18 Gbps routing and 6 Gbps firewall but i'm not sure what those number means. With several simple access/deny rules I have in each VLAN, can I reach 10 Gbps? Or perhaps the number will just be 5-6 Gbps as XG-7100 advertised? Would increasing amount of RAM from 8GB to 16GB improve this routing performance?

March 25, 2021, 03:25:35 AM #1
Cant speak to the atom directly. But i have a Celeron J1900 which is...similar if not slightly more performant.

http://cpuboss.com/cpus/Intel-Celeron-J1900-vs-Intel-Atom-C2558

My network can run gigabit non-routed without issue. aka switches arent an issue.

Pure routing mine does ~500-550 Mbits/s on standard iperf test (theres other streams routing while i run this test...maybe 15-30 Mbps). Both with and without -d (dual)

note: sorry for the external link, i dont know how to attach images inline here.

https://imgur.com/a/LxEVhhz

Throw Suricata in the mix and I'm closer to 130 inter-vlan as it inspects the traffic both ingress and egress.

https://imgur.com/a/XgS6ZIm

Though i can push my ISP tier (240 Mbps) across the WAN (where Suricata is only inspecting the traffic once)

Ultimately WAN is all I care about. Anything I want faster than 130 Mbps I'll stick on my main LAN.
March 26, 2021, 10:16:41 PM #2
Quote from: scot on March 25, 2021, 03:25:35 AM
Cant speak to the atom directly. But i have a Celeron J1900 which is...similar if not slightly more performant.

http://cpuboss.com/cpus/Intel-Celeron-J1900-vs-Intel-Atom-C2558

My network can run gigabit non-routed without issue. aka switches arent an issue.

Pure routing mine does ~500-550 Mbits/s on standard iperf test (theres other streams routing while i run this test...maybe 15-30 Mbps). Both with and without -d (dual)

note: sorry for the external link, i dont know how to attach images inline here.

https://imgur.com/a/LxEVhhz

Throw Suricata in the mix and I'm closer to 130 inter-vlan as it inspects the traffic both ingress and egress.

https://imgur.com/a/XgS6ZIm

Though i can push my ISP tier (240 Mbps) across the WAN (where Suricata is only inspecting the traffic once)

Ultimately WAN is all I care about. Anything I want faster than 130 Mbps I'll stick on my main LAN.

It's C3558 not 2558 and it's noticeably beefier than J1900. It can do LAN routing at 1G, i'm just wondering what's the reasonable limit so I could make my decision on whether upgrade to 10G link between hosts.
Print
Go Up Pages1
User actions