Continuing the “Router rumble” with pfSense 2.3.2 and a FW-7540

Following up from my previous round of router testing, I managed to get a spare Lanner FW-7540 with an Intel Atom D525 CPU to test how my current pfSense 2.3.2 setup compared to an EdgeRouter Lite. The results were well below what I was expecting: the pfSense box topped out at 490Mbit in the 1MB test and was very spiky when looking at the netdata graphs.

The results file is also available if you’d like to look directly at the ab output.

d525_pfsense

Filesize Average Mbit/s Total Failed Requests Notes
10K 145.07 87 10K concurrency test only resulted in 49Mbit. No failed requests in 10, 100 and 1000 concurrency tests.
100K 421.71 4896 No failed requests in 10, 100 and 1000 concurrency tests.
1MB 489.96 3341 No failed requests in 10, 100 and 1000 concurrency tests.

This test fairly obviously shows a ceiling. For WAN connections of over 500Mbit, it looks like something beefier than an Atom D525 is necessary to run the NAT as anticipated.

I also ran some more informal WAN to LAN iPerf3 testing on direct connection (MDI-X), the EdgeRouter Lite and the pfSense/7540 combination to get some synthetic numbers:

Connection iPerf Result
Direct 941Mbit with no retries
EdgeRouter Lite 939Mbit with retries
pfSense/7540 829Mbit with no retries

Given how well the EdgeRouter Lite seems to perform for its price, and since it beats out the more general purpose hardware, I suspect I will be swapping out for an ERL or ER-Pro very shortly.

2 Comments

  1. A note: that’s Linux, not FreeBSD, underneath the ER-Lite. And the ER-Pro. And … damn near every SOHO router out there.

    I know there’s a big meme floating around there that the BSD network stack is magically awesome, but I haven’t seen any concrete reason to believe that. The closest thing to a concrete explanation of “why” I’ve heard is “well Netflix is using it so it must be the best!”… which of course is neither concrete, nor technical.

  2. It’s really interesting to note that even the *1MB* test here tops out under 500Mbps, when the iperf3 run hit just under 900. That 1MB test should – repeat, *should* – be damn near an iperf3 run on most hardware; with a filesize that large, you get plenty of time in between TCP connection recycling.

Comments are closed.