Kitz Forum
Computers & Hardware => Networking => Topic started by: aty on February 04, 2021, 08:10:41 PM
-
Hi,
I have started to replace my BT UK FTTC VDSL FTTC all in one system with separate parts.
So far I have a TP Link Poe switch 8 with/ 8 without.
Wireless is done by 4 Ruckus R500's running Unleashed firmware.
This has been running fine so far.
So now I've started to replace the other end.
I have now purchases a Huawei HG612 3B, so the modem is sorted.
So now I need to get a router and firewall.
I'd like to be able it to handle 2 VPN's and ad blocking.
I'd like it to be able to handle a Gigabit eventually in 18 months time.
Budget is tight, but I'm open to options.
Sometimes it's worth paying more.
Thanks
-
Personally I'd go pfSense (well I DID) on a low power (but high performance) x86 PC for all that, Gigabit can be tricky on consumer hardware and VPNs just further worsen the overhead for that.
I'm really curious how my current unit will handle Gigabit.
-
Qotom units are good. Got a couple of those running opnsense.
-
Qotom units are good. Got a couple of those running opnsense.
Mine was one of those Kettop units off Amazon but it seems it IS a Qotom manufactured unit (my model seems to no longer exist but seems to be this one https://teklager.se/en/products/routers/tlsense-i5-7200U but it was WAY cheaper than that), took ages to arrive but I deliberately chose the highest specced one I could find that wasn't an arm and a leg.
Unfortunately the availability and prices seem to have gone mental, I can't find a Gigabit capable unit that isn't about twice what I paid (£333.30 in December 2018). Also if that website is anything to go by, I seem to have hit exactly the right CPU to get Gigabit over a VPN (still not expecting it tbh).
The important thing is to keep note of the CPU and make sure it has AES acceleration as otherwise the VPNs have much more overhead and could impact routing speed in general. Also at the time pfSense were making AES mandatory although this has been delayed indefinitely, its still worth having CPU support for its benefits with VPNs.
-
If budget is tight, and you don't mind putting in the work to learn how to configure and get the most out of it, Mikrotik offer some very powerful devices very cheaply - e.g. the RB750GR3 for around £50, and claims around 450Mbps IPSEC (VPN) throughput.
With any router, you will need to check carefully that it's compatible with whatever VPNs you want to connect to - there are many different protocols, and many different variants of each protocol.
I don't know if it does ad-blocking, but for that I just use u-block in my browser.
-
I'm using a RB750GR3 as the router/firewall and a rasperry pi running pihole for ad blocking.
-
I am also a pfSense on x86 fan, I also wanted low power so I opted for a APU2 device but I am pretty sure that it would not handle gigabit speeds, mine reportedly maxes out at around 600Mbit/s WAN, probably less in my case as it is load balancing / dual WAN.
So I would guess going for a x86 based cheap Gb capable system is probably not going to be very power efficient
The nice thing about pfSense is that it is free to install for home use and you can try very easily on x86 hardware (or virtually), you could buy a server-pull second hand gigabit quad NIC PCIE card on ebay for £20 and give it a go, might not be very power efficient but could easily handle Gb speeds with the right CPU.
Of course the same could also be said of OPNSense (which I also like) and OpenWRT (personally I am less keen on this one).
Good Luck
-
The nice thing about pfSense is that it is free to install for home use and you can try very easily on x86 hardware (or virtually), you could buy a server-pull second hand gigabit quad NIC PCIE card on ebay for £20 and give it a go, might not be very power efficient but could easily handle Gb speeds with the right CPU.
Unfortunately not as it seems I got really lucky and hit on exactly the minimum spec for that, even there its WAY more power efficient on OpenWRT (Linux kernel has better power management than FreeBSD) but I far prefer the flexibility of pfSense.
So you either pay in the up-front cost, or long term in your electricity bill. Although if you live in a cold climate, you're not really wasting electricity as such as the waste power comes out as heat. A little fact they never mention when they talk about "don't leave things on standby/turned on as it wastes electricity".
-
My server and networking equipment is in my cloakroom, in the colder months I always shut the door at night, and then it's nice and warm when I put my boots and coat on in the morning. There are also some zone valves for the heating in there, so not all the heat comes from the electrical equipment though.
-
> A little fact they never mention when they talk about "don't leave things on standby/turned on as it wastes electricity".
Indeed so, often overlooked.
-
Untangle maybe? I personally prefer the UI to pfsense (which I find a bit too in depth for myself). Although it does have a subscription and I think they've changed the number of devices you can have on the cheapest home option now. I only tried it out for a couple of weeks as for some reason, it makes the Qotom unit I have, produce some really annoying coil whine. Hearing 'eeeeeeeeeee' all the time does start to grind. I can also get pfsense to do it, if I leave the power settings on HiAdaptive. But that's just down to the particular unit I have. I'm half tempted to try a Unifi Dream Machine but that has a fan in it, which might be annoying as well, depending on how loud it is.
-
My i5 qotom is fanless..
-
My i5 qotom is fanless..
Ah yeah, so is mine. I think all the Qotom's (and the various different named ones) are?
-
The top-end unit isn't. https://teklager.se/en/products/routers/tlsense-7400-6p
-
HI,
How does the RB750GR3 compare to something like a ubiquiti er-x ?
-
https://www.smallnetbuilder.com/lanwan/lanwan-reviews/33140-microtik-rb750gr3-hex-router-reviewed
-
HI,
How does the RB750GR3 compare to something like a ubiquiti er-x ?
Hi, I have both er-x and rb750gr3.
The rb750gr3 makes better use of the chipset, as both boards are based on the same processor, but while the er-x is limited to 1gbps throughput using edgeos, the rb750gr3 can manage 2gbps throughput in RouterOS.
The er-x flashed to OpenWRT can do 2gbps throughput, but you don't tend to buy a device to flash aftermarket firmware.
There are other issues on the er-x, the preferred firmware is version 1.10 as 2.0.x is still buggy according to reports.
Any questions please ask.
-
The er-x flashed to OpenWRT can do 2gbps throughput, but you don't tend to buy a device to flash aftermarket firmware.
I think a lot of OpenWRT users do exactly that, I know I did. :P
-
So I bought a USG as I thought I'd just go for s cheaper solution.
But I didn't realise that it doesn't show any realtime info on the network.
It's good for looking at what is being used in hindsight.
So I'm going to get into pfsense,nonsense, untangle.
I don't want a qtom type device, I'd rather buy a used pc which could be repurposed in future if required.
Is anyone aware of a good guide to spec a PC based upon user requirements?
So if I said I want max 500 mbps down 100up I should be looking at i3 or i5 (aes-ni).
Quad core, MHz, .
Then if you want DPI then look at X and 100mpbs Vpn and blocker, cake etc.
Thanks
-
Just bear in mind that the devices sold as "appliances" usually use laptop parts so use a LOT less electricity, its one of their big advantages over a standard PC.
I halved my power consumption when I moved over to an appliance from a low-power CPU in a standard motherboard. The chipset alone in a desktop board can consume as much as the whole PC using laptop parts.