My internet connection is getting upgraded to 10 Gbit next week. I’m going to start out with the rental router from the ISP, but my goal is to replace it with a home-built router since I host a bunch of stuff and want to separate my out home Wi-Fi, etc onto VLANs. I’m currently using the good old Ubiquiti USG4. I don’t need anything fancy like high-speed VPN tunnels (just enough to run SSH though), just routing IPv6 and IPv4 tunneling (MAP-E with a static IP) as the new connection is IPv6 native.

After doing a bit of research the Lenovo ThinkCenter M720q has caught my eye. There are tons of them available locally and people online seem to have good luck using them for router duties.

The one thing I have not figured out is what CPU option I should go for? There’s the Celeron G4900T (2 core), Core i3 8100T (4 core), and Core i5 (6 core). The former two are pretty close in price but the latter costs twice as much as anything else.

Doing research I get really conflicting results, with half of people saying that just routing IP even 10 Gbit is a piece of cake for any decently modern CPU and others saying they experienced bottlenecks.

I’ve also seen comments mentioning that the BSD-based routing platforms like pfSense are worse for performance than Linux-based ones like OpenWRT due to the lack of multi-threading in the former, I don’t know if this is true.

Does anyone here have any experience routing 10 Gbit on commodity hardware and can share their experiences?

  • @kalleboo@lemmy.worldOP
    link
    fedilink
    English
    1
    edit-2
    1 month ago

    Here are some results if anyone comes across this thread in the future.

    The baseline result I need to achieve is a speedtest result of 7.5 Gbit that the ISP’s rental router gives me.

    I ended up picking up:

    • Lenovo ThinkCentre Tiny M720q, Core i3 8100T, 8 GB RAM ($70)
    • Huawei SP310 (Intel X520-DA2/82599) dual 10 Gbit NIC ($20)
    • 16x PCIe riser + Network Card Bracket ($20)

    Initially I installed pfSense. I ran iperf3 to just get an initial sanity check that the PCIe card/wiring was working right but was getting results between 3-7 Gbit with the CPU pegging at 50%. Some quick googling returned results like “you can’t run iperf on pfSense!” and “pfSense isn’t a router, why do people keep using it as a router, it’s a firewall!”, so I decided to switch to OpenWRT since the Linux side of things always seems to make more sense.

    On OpenWRT, iperf easily hit 9 Gbit with like the CPU at 95% idle.

    It took like 2 hours to configure the weird IPIP6 tunnel my ISP uses for IPv4, but once it was set up, the machine has no trouble routing the same 7.5 Gbit speedtest the ISP router managed, with the CPU usage at 78% idle (the remainder in “sirq”)

    Power consumption:

    • ISP router draws a solid 16W both when it’s idle and when there is 7.5 Gbit of traffic
    • The M720q draws 16W when idle and up to 29W when there is 7.5Gbit of traffic. This is with two copper SFP+
    • This is without tweaking any power saving options in BIOS etc