Jump to content

New PFSense build to achieve 1gbit throughput

OliOliOli
By OliOliOli
in New Builds and Planning
 Share
Posted

Budget (including currency): £400

Country: UK

Games, programs or workloads that it will be used for: PFSense Firewall

Other details:

I currently have this spec firewall running pfsense

 

Intel(R) Celeron(R) CPU N2930 @ 1.83GHz

4gb RAM (no idea on speed / spec)

250gb hdd

 

It is a ~2014 Logic Supply Passive Industrial Firewall and has served me well for 8-9 years - i've recently upgraded to 1gb home internet and the max download i get through the firewall is 690mb/s.

My provider has proved the cable coming into the property can see 990-1300mb/s and have after a lot of troubleshooting suggested swapping out the firewall with something a lot more modern.

 

First question - should the above spec be able to get above 690mbps? I realise its old, but dont know how to quantify its highest possible performance. 

Second - is this upgrade ridiculously overskill?

 

I would add in a dual 2.5gb lan card to handle the networking in addition to this

 

https://uk.pcpartpicker.com/list/HPFPBj

image.thumb.png.070d2fb572de161e66f9cccc89aef48a.png

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

What model number is your firewall?

 

The specs you listed do not include the motherboard.  Judging by what you listed,  this is an old computer.

 

The parts you listed would give you a modest computer.  What will you be using it for? The SSD is too small for good gaming.

I've been using computers since around 1978, started learning programming in 1980 on Apple IIs, started learning about hardware in 1990, ran a BBS from 1990-95, built my first Windows PC around 2000, taught myself malware removal starting in 2005 (also learned on Bleeping Computer), learned web dev starting in 2017, and I think I can fill a thimble with all that knowledge. 😉 I'm not an expert, which is why I keep investigating the answers that others give to try and improve my knowledge, so feel free to double-check the advice I give.

My phone's auto-correct is named Otto Rong.🤪😂

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Personally I always would rather be a bit on the side of overkill, rather than be underpowered. Taking the firewall out of the loop should quickly tell you if it's those LAN ports holding you back. Also make sure it's not a cable on your end. 

 

I ended up using a NUC with dual 2.5 GbE ports for my pfsense build. I get full speed out of my 1G internet. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

It does feel a little overkill...

 

A lot of folks are running fairly low power mini-PC's with Gemini Lake or similar "Atom" class CPU's as routers without issue even at gigabit speeds.

 

I would check out r/pfsense on reddit and get some examples

 

Is the machine just doing pure NAT? or are you doing a lot of packet shaping/analysis or VPN?

 

I use a Wyse 5070 for instance (the extended one can take a PCIe NIC) and while i dont have gigabit internet, i've seen a few reports of people using those on gigabit connections no probs. And it ticks along at 6w rather than 25+ you'll likely find a desktop PC will use.

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing New Builds and Planning

×