Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: 10G Firebrick ?  (Read 1293 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
10G Firebrick ?
« on: July 17, 2022, 03:28:24 AM »

Leaving aside Firebrick’s 6000 series or x000 series or whatever, the FB ISP-grade line of routers that are terrifyingly expensive - ~£12k ? - I wonder if there will be a SOHO or small/medium business Firebrick that can route and firewall a full 1 Gbps, or 2.5 Gbps, or 5 Gbps or a no-nonsense 10 Gbps? Does anyone know anything?

I’m not sure that an FB 2900 can fully cope with 900 Mbps or 1 Gbps? (I thought I saw a figure of around 700 Mbps router throughput, but I can’t remember which FB model it was for ?)

AA is going to have to do something about this then pdq, no? I don’t really want to have to go over to the likes of MikroTik, because of the hassle, despite MikroTik being quite sexy kit from the very little I know. I get the impression that MikroTik performance is scary in some of their devices but I really need to read up more.

I would have to work out how to do the config for a different router such as MikroTik, although I know I can get help here of course, and there are MikroTik articles on AA’s support website at https://support.aa.net.uk/Router_-_RouterOS_and_Routerboard. I understand the Firebrick to a certain basic level and love its UI and logical design. But the great thing is that I get awesome handholding, support and remote diagnosis and fixes from AA. I also have tools that can talk to a Firebrick: config upload tool with sanity checks on the config’s appropriateness for the correct model and the correct site!; pulling status info for all attached devices such as modems to give an overall WAN health overview; extract AA account quota remaining info. Just when I’ve finished adjusting to say MikroTik, Firebrick ltd would probably come out with the higher throughput device that I needed earlier but wasn’t willing to wait for.

Another killer for me is my philosophy of ‘where the buck stops’: currently any problem always lies at AA’s door: they can't blame router problems because it’s their kit; it’s their network and even if it’s a BT problem then it’s their responsibility to deal with it for me; if bad modems - they sold me one of my ZyXEL VMG 1312-B10A modems, not all of three+spares; I got the modem config from AA, with only minimal changes needed for my situation including multiple modems because I have an IP-bonded multiple DSL links setup. I have always had a hatred of situations where their is some problem and two or more parties both passing the buck and each blaming the other, passing the problem back and forth, so I’ve always been keen to avoid this possibility as far as possible. So that’s another big reason of sticking to Firebrick.



An aside: When the likes of BT advertise 900 Mbps downstream links for FTTP, do they mean 900 Mbps TCP payload ? ie TCP SDU rate, with who knows what packet size, maybe max-size packets. Is that just to cover them in case someone has never heard of the concept of TCP and IPv4 / IPv6 headers, so that they’re really talking about IP PDU rate ie including TCP and IP headers, as they should do in my opinion because then that is measuring the link, not the protocols. Who is even to say that a particular user is using IP, or TCP ? It’s ethernet is it ? (Not sure, if so, then we need to also include the cost of ethernet header overheads.) Anyway, quoting a figure of 900 Mbps is good of BT, because then no ignorant end users will be misled and disappointed, but it would be good to also quote the true link throughput capability, explicitly stating what protocols’ overheads are counted in the figures from whatever test procedures. What you would get from iperf might be one useful method and I’d also like to see an adjusted figure for true total throughput including all headers, to give the highest possible number.

If you include all headers, would the downstream L2 PDUs figure for BT Openreach PON FTTP be ~1Gbps? Anyone know a more exact number ?


« Last Edit: July 17, 2022, 04:27:04 AM by Weaver »
Logged

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: 10G Firebrick ?
« Reply #1 on: July 17, 2022, 03:32:19 PM »

I’m not sure that an FB 2900 can fully cope with 900 Mbps or 1 Gbps? (I thought I saw a figure of around 700 Mbps router throughput, but I can’t remember which FB model it was for ?)

The current FB2900 is deficient when it comes to a circuit configured as 1Gbps. As far as I am aware, it "runs out of steam" with speeds above 750Mbps.

I believe that a few of our regular members, who were Firebrick devotees, have migrated to MikroTik devices once they took a FTTP service. (I think Ixel is one, other members IDs may come to me whilst I'm doing something elsewhere.)

Yes, the underlaying Openreach 1Gbps service is advertised and sold (by ISPs) as 900Mbps to allow for the overheads.
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: 10G Firebrick ?
« Reply #2 on: July 17, 2022, 09:36:24 PM »

I wonder if I could get some more speed out of a FB2900 if I could play with the compiler a bit. I have some experience of tuning by using compilers’ optimiser control parameters, and modern good compilers are spectacularly aggressive if you tweak the knobs in the right way. I could also take a look at the hottest, most critical pieces of code. Having come from a world of horrible 8-bit and 16-bit CPUs where optimisation for speed or code size is absolutely critical, I have some years of experience in this. Those ancient processors are not comparable with todays 64-bit architectures and the modern RAM caching systems have challenging behaviour that brings problems unknown in those medieval times. That has required new thinking and it’s something I’ve been looking into over the past few years. In the past where I’ve made code 600% faster and more some techniques from the old days would be counterproductive now but it’s by no means all bad news, not at all.
Logged

Ixel

  • Kitizen
  • ****
  • Posts: 1282
Re: 10G Firebrick ?
« Reply #3 on: July 17, 2022, 10:02:49 PM »

Leaving aside Firebrick’s 6000 series or x000 series or whatever, the FB ISP-grade line of routers that are terrifyingly expensive - ~£12k ? - I wonder if there will be a SOHO or small/medium business Firebrick that can route and firewall a full 1 Gbps, or 2.5 Gbps, or 5 Gbps or a no-nonsense 10 Gbps? Does anyone know anything?

I don't know much about ISP grade Firebrick's, other than the fact that they cost a fair bit.

I’m not sure that an FB 2900 can fully cope with 900 Mbps or 1 Gbps? (I thought I saw a figure of around 700 Mbps router throughput, but I can’t remember which FB model it was for ?)

The FB2900 can't do much more than 700-800 megabits routing throughput, I tried mine on gigabit FTTP a long time ago to see how much it was able to do.

AA is going to have to do something about this then pdq, no? I don’t really want to have to go over to the likes of MikroTik, because of the hassle, despite MikroTik being quite sexy kit from the very little I know. I get the impression that MikroTik performance is scary in some of their devices but I really need to read up more.

Mikrotik makes impressive devices, although RouterOS 7.x was off to a shaky start it has improved. Mine can easily route multiple gigabits with a number of firewall rules and such in place. Making use of fasttrack helps squeeze more out of it, although at the moment I don't need all of that horsepower.

They also have CHR which allows you to have RouterOS on a virtual machine.

I would have to work out how to do the config for a different router such as MikroTik, although I know I can get help here of course, and there are MikroTik articles on AA’s support website at https://support.aa.net.uk/Router_-_RouterOS_and_Routerboard. I understand the Firebrick to a certain basic level and love its UI and logical design. But the great thing is that I get awesome handholding, support and remote diagnosis and fixes from AA. I also have tools that can talk to a Firebrick: config upload tool with sanity checks on the config’s appropriateness for the correct model and the correct site!; pulling status info for all attached devices such as modems to give an overall WAN health overview; extract AA account quota remaining info. Just when I’ve finished adjusting to say MikroTik, Firebrick ltd would probably come out with the higher throughput device that I needed earlier but wasn’t willing to wait for.

It didn't take me long to figure out how to do things in RouterOS that I originally did on Firebrick. Winbox (GUI either as application or web based) helps greatly if you aren't familiar with the CLI.

There's a plethora of tools you can use in RouterOS for diagnostics. Ping, traceroute, bandwidth test, IP scan, torch, to name a few. There's a packet sniffer as well.

You can create scripts on RouterOS. For example, mine has a script which automatically fetches and imports a blacklist of CIDRs every morning. These consist of various blacklists that are mostly listed on FireHOL. Another script I have is to automatically renew the DHCP lease every 15 minutes so that Lightning Fibre doesn't 'timeout' my connection after an hour or so.

A lot of their stuff is good value for money in my opinion.

Another killer for me is my philosophy of ‘where the buck stops’: currently any problem always lies at AA’s door: they can't blame router problems because it’s their kit; it’s their network and even if it’s a BT problem then it’s their responsibility to deal with it for me; if bad modems - they sold me one of my ZyXEL VMG 1312-B10A modems, not all of three+spares; I got the modem config from AA, with only minimal changes needed for my situation including multiple modems because I have an IP-bonded multiple DSL links setup. I have always had a hatred of situations where their is some problem and two or more parties both passing the buck and each blaming the other, passing the problem back and forth, so I’ve always been keen to avoid this possibility as far as possible. So that’s another big reason of sticking to Firebrick.

That's an excellent point, unfortunately one I sort of experienced recently I guess with an ISP 'passing the buck' back to me when they claimed to find nothing wrong on their side - and now at least today I've suddenly got near full gigabit download speed on that ISP's service without making any changes here.

EDIT: I forgot to also mention one feature I love about RouterOS. The ability to connect via MAC address instead of IP address using Winbox. Handy if you have an IP address configuration issue or no IP address configured yet. Similarly to the Firebrick, it has a 'safe mode' option in Winbox which if you lose connection on Winbox while it's activated then RouterOS will undo any changes you did after you activated 'safe mode'. You can also undo or redo individual changes in Winbox.
« Last Edit: July 18, 2022, 10:14:45 AM by Ixel »
Logged

meritez

  • Content Team
  • Kitizen
  • *
  • Posts: 1623
Re: 10G Firebrick ?
« Reply #4 on: July 19, 2022, 12:02:20 PM »

Logged

aesmith

  • Kitizen
  • ****
  • Posts: 1216
Re: 10G Firebrick ?
« Reply #5 on: July 19, 2022, 02:14:58 PM »

EDIT: I forgot to also mention one feature I love about RouterOS.
One of my favourite is the ability to disable lines of configuration without removing them.

It's also worth remembering that the CHR can run fully featured without a licence, just with a performance limit. And it's available as a GNS3 appliance running under QEMU so you can model a whole network just on a PC (or Mac or Linux of course).  For example here modelling recursive gateways which are a little inconsistent in RoS 7 compared to 6.x ..
Logged

Ixel

  • Kitizen
  • ****
  • Posts: 1282
Re: 10G Firebrick ?
« Reply #6 on: July 19, 2022, 04:09:40 PM »

It's also worth remembering that the CHR can run fully featured without a licence, just with a performance limit.

As well as a 60 day trial of P-1, P-10 or P-Unlimited licence levels on CHR which is nice for trying things out without committing to buy it or transfer an existing CHR licence to that instance.
Logged
 

anything