5/5 BGE internet - Required router specifications
5/5 BGE internet - Required router specifications
I'm moving to a new place and decided to upgrade my internet connection. I found fiber at 500/500mbit, but the company offered 5/5gbit for the same cost, so I went ahead. After everything settled, I received a call from them asking if I wanted just the modem or the full router package, which were quite pricey. They mentioned it wasn't the best router setup and suggested getting just the modem. They also said the modem supports 10gbe over SFP+ port. Are there consumer routers that can work with an SFP+ port to create a local network? Or would I need to build my own router? I have a server running, a 4790k on an old Z board, with a 10Gbe NIC, but I don't want to turn it into a router since it's already functional for other tasks. I need something reliable and robust that can handle heavy use. Any suggestions, maybe a rack-mounted option?
This article completely captures my attention and makes me feel very envious. I’m not sure what you’re asking, but honestly, it’s impressive.
You're looking for a router with solid performance for basic tasks like packet inspection. For something more capable, an edge router from Infinity is ideal. PFSense is an option too, but you'll need a fast system—something like an Xeon E3 grade server. A used Dell R320 would work well as a rack-mounted setup.
You already have a solid setup with a Ryzen 1700X and a motherboard. Adding a 10GbE SFP+ NIC and enabling PF Sense could enhance performance, especially with the existing 8GB RAM. It should work well for your needs.
Your choices will be constrained. The Netgear X10 won’t work due to limited ports—only 1GB on the LAN side. You might link them for a 2GB setup, but it’s mostly theoretical. Now you have real options. You’ll need an SFP+ with 10GbE, a switch, and possibly a firewall. If you’re flexible, a half server rack could fit in. You can cut corners, but security will be compromised. A switch with ACLs is an option, though it’s not ideal. If you manage to locate a commercial gateway, it could handle the role. This device would act as router, firewall, and switch, requiring SFP+ on the remote side and at least one 10GbE port on the LAN—switching can help distribute bandwidth if needed.
We already have a server rack with a 16-port 10GbE switch and a running server. Adding a PC for routing isn’t a big problem. Switching to APs using PoE would be a good idea, though I haven’t tried it before. It seems pretty straightforward to set up. The fiber option from the provider costs around 1000 DKK (about 160 USD) for the modem and installation, but they’re asking for 18,000 DKK to replace the modem with a router. That’s a significant expense. Right now we’re focused on finishing the house construction—every wall has Cat 6A. The rack is ready, so it’s mostly hardware. I’m considering an XS716 T 16-port Netgear switch.
Setting up pfSense is essentially following the installation guide. Once comfortable with the interface, handling advanced firewall tasks becomes quite manageable. It provides far more detailed settings than a typical consumer router, even when running on platforms like OpenWRT—features you can safely skip unless required. You’ll find it offers extensive customization beyond basic needs, making it useful as you progress. (such as routing clients via VPNs, enforcing DNS over local cache, applying blocklists for suspicious IPs, etc.) A solid CPU is essential; most recommendations suggest an i5 for Gigabit speeds, though the exact choice depends on your setup. Since you already have many components, testing it with a Ryzen would be ideal. You probably won’t need to enable QoS given the bandwidth, and you’re more likely to run into network limits first.
the system shows no bias for Intel CPUs; using the 4790k works fine, but I’d prefer the Ryzen for servers since it performs better in transcoding than the 4790k. I watched the Level1 tech video with Wendell and think an I5 2500k is sufficient, though I’m aware that even with my 500/500, running custom firmware on my AC68 can limit speeds to 200-300mbits due to CPU constraints. Pure hardware would help, but I have a 550/550 model. Running everything in software still requires CPU power. I also have an older X99 board, which should lag behind the Ryzen in raw speed. I’m not sure what to do yet. I’m hesitant about buying another router and don’t want full control over my internet connection. Plus, 5Gbps is unlikely to be needed anytime soon.
You can test pfSense on each device and see how it handles multiple clients connected via 10Gbps. Configure pfSense using DHCP for WAN and a separate private network for your main LAN. Ensure a client is running at 10Gbps to pfSense, then connect a 10Gbps machine to the pfSense LAN port. Execute iperf3 on the main LAN side as a server and on the pfSense LAN side as a client. This will give you an estimate of the raw bandwidth pfSense can process after NAT handling between your local network and the internet.