CPU recommendations for 1Gbps w/PPPoE

Started by ck42, February 18, 2022, 05:12:49 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3 4
User actions
June 16, 2023, 05:33:02 PM #30
Awesome find. Would explain the behavior I had on my previous hardware, because I don't remember the CPU being that busy. It had to be at least partially responsible, but combined with the NIC limitation, the picture becomes clearer.
June 17, 2023, 10:46:57 AM #31
I'm also running a J3160 (Protectli FW4B) and have just upgraded to FTTP after 2 1/2 years of 4G!

Anyway, it's probably frowned upon here but after experimenting I've settled on using the ISP provided router for pppoe, switched off NAT and pointed the DMZ to my Protecli box. I don't appear to be suffering any disadvantages except for the extra box, and handing off pppoe gets around the OpnSense issues.
November 25, 2023, 04:25:42 PM #32
What sort of latency might I expect with a current 'cheap' cpu like a N100 using pppoe at 1 Gbps?

I see a lot written about throughput, but latency concerns me also. With my current mass-market fritzbox I'm getting around 4-5ms to london, occasionally 3ms. I am 80km away. Local lan latency sits around 0.3ms. It all seems rather decent. I'm thinking of trying opnsense, but only if I can have similar latency.

Will probably go for an aliexpress box... with intel 226 adapters
November 26, 2023, 06:52:20 PM #33
Quote from: mimugmail on February 18, 2022, 05:18:50 PM
If you read all the forums you'd know that GB and pppoe is a huge trouble in BSD world. You would need very high clock rate, no matter how many cores, since it's single threaded. And no guarantee you'll get full throughput.

It this is still true today, does this mean "don't use opnsense" if you want to get throughput around 1 Gbit/s? Is that the conclusion? Because in that case i could stop looking for a better hardware and rather start looking for another firewall software.
November 26, 2023, 07:09:33 PM #34
Has anyone tried this?

Quote:
As for performance, APU2 can NAT at full Gbit on Linux and 650-700 on pfSense (see benchmarks here https://teklager.se/en/knowledge-base/apu2c0-ipfire-throughput-test-much-faster-pfsense/ 38 and in the other article where they mention OpenWrt being at 1Gbit on single or multi streams, because Linux https://teklager.se/en/knowledge-base/apu2-1-gigabit-throughput-pfsense/ 22 ).
It also has AES-NI crypto acceleration.
They mention "with a new bios" for the pfsense performance because new BIOS enables CPU boost to 1.4 Ghz so the CPU can clock higher when only a few cores are loaded (as I said BSDs can only run the interrupts on a single core)

Source;
https://forum.openwrt.org/t/tips-for-getting-cheap-used-x86-based-firewall-with-full-gbit-nat-a-pc-engines-apu-if-you-are-in-the-us/104490
November 26, 2023, 07:13:14 PM #35
Okay, not worth trying it...

Quote:
Only 1 CPU core will receive the full PPPoE network traffic, regardless of how many different flows are inside the encapsulated stream. Because a single core running at 1.0-1.4Ghz is insufficient to process the full Gigabit network traffic, you will never be able to reach 1 Gbit routing traffic using an APU2/3/4 board with BSD operating system. 1 CPU core is 100% utilised, while the other 3 CPU cores are IDLE.

Source:
https://teklager.se/en/knowledge-base/apu2-1-gigabit-throughput-pfsense/
November 26, 2023, 07:35:47 PM #36
A DEC650 from Deciso easily manages to do 1G with PPPoE. Just saying. APU devices are old. Like in stone age old. I like their design, I also like Soekris Geode based devices.  ;) You get the idea.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
November 26, 2023, 08:56:56 PM #37 Last Edit: November 26, 2023, 09:38:32 PM by inorx
First, sorry, i meant APU4, not APU2. My bad.

I also get the difference on the price tags. Just checking the prices, haven't yet found the 650, but the 630 is around 650 EUR.

As you wrote: APU2 is old (as well is APU4). As cpu and electronics prices have dropped constantly (with the corona exception), in the same price segment of an APU4 i would expect a more powerful device today. Shouldn't be that hard, as most of the components specifications could stay the same, only thing needed is double the boost frequency, as obv. not much more is needed if the OS would be offering multi-processor support for these kind of network applications.

So, i understand you're saying there is no such replacement, which means, for a lot of home users who would like to benefit from > 300 Mbit/s their ISPs are offering, opnsense isn't the solution to go with?
November 26, 2023, 10:31:52 PM #38
I will give an J4125 a try.
4 cores, clock speed 2 GHz, boost 2.7 GHz, passmark only about 4% below a J5005 on single thread performance.
Price tag for a configuration with 16 GB RAM and 512 GB ssd currently around 160 EUR (pot. plus MwSt.)
10 Watt, fanless, however looks like some additional heatsinks might be suitable.
Will share the results, might take a while.

November 26, 2023, 11:21:39 PM #39
All these passively cooled appliance style mini systems are expensive, granted.

For the hobbyist short on cash, why not a used desktop board? Or virtualise on that proxmox system you have running for a homelab, anyway?

Yes, FreeBSD PPPoE performance could be improved. But it's not "abysmal". I wonder if Deciso and Netgate are the only ones offering those "netboard" designs with AMD SoCs.

The DEC650 cost us 600+something at the time. It's been replaced by the current models. For business use that's a no-brainer. All my former Sidewinder customers bought from Deciso without thinking twice. Migrated everyone to OPNsense. "1500€ one time for the rackmount system and no yearly fee? Shut up and take my money!"  ;)
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
November 27, 2023, 12:02:51 AM #40
Quote from: inorx on November 26, 2023, 10:31:52 PM
I will give an J4125 a try.
4 cores, clock speed 2 GHz, boost 2.7 GHz, passmark only about 4% below a J5005 on single thread performance.
Price tag for a configuration with 16 GB RAM and 512 GB ssd currently around 160 EUR (pot. plus MwSt.)
10 Watt, fanless, however looks like some additional heatsinks might be suitable.
Will share the results, might take a while.

I have two of these running at 1 Gbit/s no problem. One even has old I210 NICs.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
November 27, 2023, 09:32:55 AM #41
with the setting from my previous post I was able to get 1Gbps PPPoE with j3160, J4125 (as reported here) handle 1Gbps PPPoE w/o tuning, most probably N100 will handle 2.5GBps PPPoE without issue

https://www.cpu-monkey.com/it/compare_cpu-intel_celeron_j3160-vs-intel_processor_n100
November 27, 2023, 10:08:07 AM #42
Yes, they will. Unless they run unstable because of buggy CPU microcode. Luckily, there now is an option to make them work.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
November 28, 2023, 01:13:14 AM #43
I have tried both J4125 and J5005 - both work great with Zenarmour and 1gig symmetric PPPoE direct from OPNsense to the ISP ONT (gigabit RJ45)

Don't know if they were needed, but I used the tunables earlier in the thread as well...

For a cheap J5005 box, I had a Wyse 5070 Extended with Intel I350 card from eBay.
9w idle at the wall with a kill-a-watt, and virtually silent
December 04, 2023, 01:44:48 PM #44 Last Edit: December 04, 2023, 03:23:24 PM by MJeck
Hello

Today I got a Gigabit Vodafone fiber optic connection, I get 850 Mbit/s down and 520 Mbit/s up stream.
Intel J4125 and 8GB RAM.
Zenarmour is actively testing.

https://www.vodafone.de/media/downloads/pdf/GigaZuhause-1000-Glasfaser-dg.pdf

Best regades

Markus
Print
Go Up Pages 1 2 3 4
User actions