Router for full duplex 1Gbit

Discussion in 'Networking & Security' started by fishie, May 23, 2017.

  1. fishie

    fishie n00b

    Messages:
    42
    Joined:
    May 30, 2013
    Hi guys,

    So, I just got an upgrade on my network side and im now on 1/1Gbit internet, it does test 98x in both directions on my Edgerouter Lite, but it appears that it cannot handle full duplex 1Gbit, when stressing the network I appear to max out at around a total of 1.2-1.3Gbit connectivity which is ~650Mbit each direction.

    I do run the network quite heavily and I would love a router that are able to actually route at full duplex line speed, can you guys give any recommendations?

    I basically just need a router, no wireless needed as I have plenty of APs - The only other requirement is that it can route with 25-30 open ports at 1Gbit full duplex, I dont need anything more fancy than that perhaps besides some VPN connectivity but thats not a must and not a "1Gbit requirement".

    Any help? :D
     
  2. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,405
    Joined:
    Oct 4, 2007
    The ER-L supposedly test with iperf between two devices at around 950Mbps, both ways simultaneously. It is possible that any extra inspection/policies in place is straining the CPU/backplane to minimize packet processing. Have you verified routing data transfers between two host devices?

    Also, have you connected directly to the internet without the router to verify your findings to rule out the router being the culprit?
     
  3. fishie

    fishie n00b

    Messages:
    42
    Joined:
    May 30, 2013
    I have a pretty long and detailed thread on this on the ubnt forums, there's basically a number of things that are going wrong here on their newer firmwares which are causing loads of problems.

    I can pretty easily benchmark 1/1Gbit full duplex on it if it is a simply iper between two hosts on older firmwares, but they have other issues that are not optimal, security issues and stability issues that are fixed in the newer firmwares, those however contain loads of issues related to the flow of UDP/TCP traffic in general, their latest firmwares cut singlethread performance outbound into 1/10th of one of their older firmwares..

    Im not all that unhappy with the ERL, but I would have thought that a company like UBNT wouldnt have run firmwares with degraded performance and basic routing issues since 2014, yes, since 2014!

    On their latest alpha2 firmware right now, the throughput is better, but it still suffers from being unable to actually deliver in my setup which is really basic really as it currently only have two ports open which is all..

    Im seeing lan -> wan ping spikes at even 10Mbit usage which delivers 50-60ms additional latency which makes gaming nearly impossible while still having something like torrents running on another machine..

    My conclusion is that the ERL is fine for 100Mbit users that are not all that heavy, run more than 1 connection on it and it will NOT deliver 1Gbit full duplex from my experience :)

    All issues disappear when I run directly on my ISPs router/modem :)
     
    mrwizardno2 likes this.
  4. mrwizardno2

    mrwizardno2 Limp Gawd

    Messages:
    191
    Joined:
    Jan 20, 2012
    fishie you're spot on about UBNT. I'm always shocked at the people who believe their product to be "Enterprise" grade.

    The closest I've come to what you are asking about is running OPNSense in a VM on my Hyper-V server. The VM has 4 CPUs assigned and dual 10gbE adapters. Pretty easy to push a full gig through, but requires a pretty sizable amount of power. Lots of flexibility, but with how infrequently I truly need full gigabit bandwidth I usually run with the USG-4-Pro as my primary router.
     
  5. fishie

    fishie n00b

    Messages:
    42
    Joined:
    May 30, 2013
    mrwizardno2 - I am actually in the process of putting together a basic "home server" for basic NAS duties, going to run it off an i3-7100 so I might try and spinup a VM on that one and see how it goes but I would really prefer having a static device just for routing so that the internet is not down in case somethings messed up with the server.

    How is the noise on the USG-4 Pro?
     
  6. Vengance_01

    Vengance_01 [H]ardness Supreme

    Messages:
    5,860
    Joined:
    Dec 23, 2001
    Why not a custom pfsense build using those mini pcs on amazon with dual Intel nics
     
  7. gigatexal

    gigatexal [H]ardness Supreme

    Messages:
    7,274
    Joined:
    Jun 22, 2004
    Pfsense on a box with dual Intel gigabit NICs and a 9000 MTU. And done.
     
    Burner27 likes this.
  8. fishie

    fishie n00b

    Messages:
    42
    Joined:
    May 30, 2013
    I have been thinking about doing that, but I wanna be sure that it can actually handle the throughput before committing and I cannot really find any proper benchmarks or details on it.

    It seems to be hard to find proper documentation on what kind of cpu power pfsense requires in a "bare config" to be able to run Gbit speeds.
     
  9. mrwizardno2

    mrwizardno2 Limp Gawd

    Messages:
    191
    Joined:
    Jan 20, 2012
    It's not bad. I have it in a rack with one of the 48 port POE switches and an US-16-XG. Between the three of them, I think the XG is the loudest - it tends to run the fans a little higher than the others.

    The loudest thing in my rack is the DL380P Gen8. Luckily the rack is isolated in the basement. But if it decides to kick up the fans, I'm pretty sure the neighbors know....
     
  10. Farva

    Farva Shens!

    Messages:
    35,446
    Joined:
    Feb 3, 2004
    One guy had an i3 gen 3 that would run Gb internet (well, it was like 960Mbps), so if you have anything new than that, you should be fine.
     
  11. fishie

    fishie n00b

    Messages:
    42
    Joined:
    May 30, 2013
    Thought I would update this, I ended up buying a Mikrotik RB750GR3 or "New hEX" as it is called..

    Works wonders, 80% cpu usage at full duplex 1Gbit with a few firewall rules and portforwards, massively faster than my previous ERL.
     
    Cmustang87 likes this.
  12. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,405
    Joined:
    Oct 4, 2007
    Excellent! Thanks for the update.. I saw this bad boy on their website a few months back and it was a really attractive piece of equipment.
     
  13. Simplyfun

    Simplyfun Gawd

    Messages:
    1,012
    Joined:
    Dec 17, 2016
    To run Gbit? any quad core, any i3, but the recommendation is for a 3+ Ghz quad to give you breathing room so your hardware isn't maxed out once you start adding the goodies that inevitably happen. Generally I like the 3470 because you can get them cheap as hell with lots of motherboard choices and a stick of DDR3 is also cheap.

    I generally agree with these guys, they don't talk about about the bottom much but they're in the business of selling hardware so I don't expect them to.
    http://www.firewallhardware.it/en/pfsense_selection_and_sizing.html
     
  14. fishie

    fishie n00b

    Messages:
    42
    Joined:
    May 30, 2013
    I went the mikrotik route, you can't really beat the hEX given it's size, price and a max power consumption of 3W along with things just working out of the box.

    It runs perfect, no issues so far - Stable and provides the performance I need while still being consistent.
     
    Cmustang87 likes this.