If anybody is interested in a pfSense firewall, I have plans to build half a dozen or so based on a stock of multi-port Gigabit Ethernet cards I have on hand.
I finished the first one today and I've listed it on eBay. I would sell at a lower price privately due to the fees. If you are interested please contact me for the friends and (Flex) family discount and other details. My email is good on qrz.com.
I built an identical one for myself and they are really great firewalls, and future proof considering the AMD CPU has AES-NI, so it will be compatible with the next major release of pfSense.
Danny
K5CG
I finished the first one today and I've listed it on eBay. I would sell at a lower price privately due to the fees. If you are interested please contact me for the friends and (Flex) family discount and other details. My email is good on qrz.com.
I built an identical one for myself and they are really great firewalls, and future proof considering the AMD CPU has AES-NI, so it will be compatible with the next major release of pfSense.
Danny
K5CG
Posted 1 year ago
K6OZY, Elmer
Can it sustain 1Gbps ~ (950Mbps realistically) both directions? I'd like to see some iperf reports if so.
I'll get some iperf results from another machine through one of these to the iperf server running on my "production" pfSense over GigE Ethernet.
If I were to put a 10GbE card in it and run an iperf test to another 10GbE connected machine, would that be useful to know?
If I were to put a 10GbE card in it and run an iperf test to another 10GbE connected machine, would that be useful to know?
K6OZY, Elmer
Yes that would be great. That would remove the 1Gbs bounce off 950mbps limit. I've been looking for the lowest cost pfSense build that can sustain gigabit.
This unit surprisingly can handle gigabit: https://store.netgate.com/MBT-4220-system.aspx I tested this with iperf.
This unit surprisingly can handle gigabit: https://store.netgate.com/MBT-4220-system.aspx I tested this with iperf.
(Edited)
I ran an iperf test from my current pfSense FW as the client to a freenas server as the server over CAT5. The CPU in the T620 hit 41% during the test.
Client connecting to 192.168.1.12, TCP port 5001 TCP window size: 64.2 KByte (default) ------------------------------------------------------------ [ 3] local 192.168.1.1 port 30289 connected with 192.168.1.12 port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0-10.0 sec 958 MBytes 804 Mbits/sec
K6OZY, Elmer
Hmm. That’s not quite gigabit saturation. With TCP overhead, you should be able to run the test for as long as you want and have it be close to 940-950Mbps sustained.
Well, this is my "production" firewall which has a bunch of services running too. pfBlocker, ntopng, OpenVPN server. I'll be able to do a cleaner test once I build the next one. Due to arrive on the 24th. I can also do the 10GbE test on that one. More to follow...
