100Mb vs 1Gb router latency?

C

cyclone3d

[H]F Junkie
Joined
Aug 16, 2004
Messages
16,305
So I just did a bit of testing between my ClearOS box with a dual port Intel 1Gb PCIe card and a Juniper SSG5 w/256Mb RAM which only has 100Mb ports.

My modem is a Motorola SB6120 which has a 1Gb port on it.

Setup is as follows for both setups.

modem -> router
router to 8-port Netgear 1Gb switch.

Using speedtest.net I constantly get 10ms pings with my ClearOS box and 16-18ms pings with the Juniper SSG5.

Throughput seemed to be about 1-2Mb slower as well for downloads with the Juniper SSG5. This is with a 50/5 connection.

The SSG5 specs say the max throughput is 160Mb/s.

The CPU and RAM usage on the Juniper was pretty low as all I set up on it was the routing.

Is this sort of thing normal for just 100Mb vs 1Gb ports?
 
Sounds more like a comparison of bus speed to me.

The juniper most likely has a lower speed, higher latency bus between the cpu and nic's. The tradeoff is lower power usage most of the time.

Could be a software issue too, make sure you have the latest firmware.
 
bds1904 said:
Sounds more like a comparison of bus speed to me.

The juniper most likely has a lower speed, higher latency bus between the cpu and nic's. The tradeoff is lower power usage most of the time.
Click to expand...

Yeah, that came to mind as well. I didn't really expect there to be that much difference though when only 1 device was being used.

I reset the Juniper to factory defaults and updated it to the latest OS release today.

So much for a lower power setup for now I guess.

I found a page for troubleshooting ScreenOS and it says to expect a reduction in throughput. It says if you get 10Mb without the firewall in line, then expect to get about 7-8Mb with it in line.

http://network.mwzip.com/wiki/ScreenOS_Troubleshooting

Now that I think about it, I am pretty sure that my latency went down when I switched from my old ClearOS box to the one I run now.

Same NIC, except it was running a single core lower clocked socket 754 Sempron instead of a dual core AM2 Opteron.

Pretty sure the Sempron setup had lower latency than the 1Gb Netgear router I had been using.

Makes me wonder what kind of latency I would get if I was running more recent hardware.
 
You would get better performance and lower power usage with a modern integrated router such as a $100 ubiquiti edgerouter lite, $50 edgerouter x or $40 mikrotik routerboard hex lite (rb750r2).

The ubnt devices are easier to set up and the edgerouter lite offers the highest performance at near gigabit routing speeds. The mikrotik offers about 300-400mbit routing speeds (total, it has 100mbit ports) with a good firewall in place but is harder to set up. Not terrible to set up, just takes some reading. If you want a gigabit router from mikrotik look into the rb2011 series. If high-speed VPN (more than 15-18mbit) is a desired the best bets are the edgerouter lite for $100 or a ccr1009 for $425.

IMHO the mikrotik devices have a better firewall that includes port scan detection capabilities and better flood protection with auto-blacklist functions that are easy to set up.
 
bds1904 said:
You would get better performance and lower power usage with a modern integrated router such as a $100 ubiquiti edgerouter lite, $50 edgerouter x or $40 mikrotik routerboard hex lite (rb750r2).

The ubnt devices are easier to set up and the edgerouter lite offers the highest performance at near gigabit routing speeds. The mikrotik offers about 300-400mbit routing speeds (total, it has 100mbit ports) with a good firewall in place but is harder to set up. Not terrible to set up, just takes some reading. If you want a gigabit router from mikrotik look into the rb2011 series. If high-speed VPN (more than 15-18mbit) is a desired the best bets are the edgerouter lite for $100 or a ccr1009 for $425.

IMHO the mikrotik devices have a better firewall that includes port scan detection capabilities and better flood protection with auto-blacklist functions that are easy to set up.
Click to expand...

I am not wanting to spend any money... and I already have a good setup.

The Juniper is a retired unit that I just wanted to play around with before deciding if I wanted something like that or not.

I ended up doing some research and found a site that reviewed a bunch of different free and/or open source UTM software.

Ended up slapping another drive in my ClearOS box and installing the home version of Sophos UTM on it.

So many more things than ClearOS comes with. Better GUI, better filtering, better free AV, etc. The live logs on it is a huge plus.

Also found out that most of the speedtest sites do not use an actual ping, but timed http and https requests... so the ping meter isn't all that accurate in the first place.

https://www.sophos.com/support/knowledgebase/119460.aspx
 
Just remember you are paying for power to run an inefficient box. It could be worth your time to look into a lower power solution.
 
bds1904 said:
Just remember you are paying for power to run an inefficient box. It could be worth your time to look into a lower power solution.
Click to expand...

I really should pick up a killowatt device so I can check the power draw of my systems.

In any case I switched form an old 80GB HDD to an old Samsung 128GB SSD that is rated at 5v 0.22A (1.1W), so that should help a bit.
 
I have a gut feeling that the SSG5 does something more than just forward the packet. You should see ~1ms latency using cable in general doing NAT.
//Danne
 
diizzy said:
I have a gut feeling that the SSG5 does something more than just forward the packet. You should see ~1ms latency using cable in general doing NAT.
//Danne
Click to expand...

~1ms latency to what? Stuff on the local network?

And of course it does more than just forward the packets.. but I didn't have anything special set up on it.

Maybe I should hook it up again and verify that the firewall is completely disabled.
 
You must log in or register to reply here.
Back
Top