5/5 BGE internet - Required router specifications
5/5 BGE internet - Required router specifications
You might consider using VyOS or something similar. PFsense is straightforward and provides stronger firewall/IPS capabilities. Snort could be quite taxing on the CPU at those speeds. You’d likely find either option works well. That i7 processor should handle routing at 5 Gb efficiently. I tested a Mikrotik CHR running at 1 Gbps with basic rules—without fastpath it used about 40% of an i5 3330 core. If this matters for your setup, you could even explore running the Mikrotik CHR locally, though the 10G license costs around $95 and includes a 60-day trial.
In your setup you can receive up to 5/5G to your residence. Most companies in the UK won’t cover such speeds. If you’re running pfSense, I managed a throughput of around 6.7Gbit/s between WAN and LAN using this configuration during tests, though it heavily relies on packet sizes. Achieving a real 'line rate' 10G with filtering usually needs powerful hardware. Communication between VLANs improved slightly thanks to the larger MTU (9000) on internal ports, but your WAN port will likely be 1500 or 1508 if using PPP for ISP access. If you connect via PPP, you might run into issues since the current PPPoE setup is single-threaded on a Dell R610 with two Xeon CPUs, 32GB RAM, and a few unused SSDs. When I return home, I’ll apply the custom network settings. The hardware seemed to struggle because interrupts were affecting CPU threads.
It's fascinating to see that detail about PPPoE. I suspect the uneven heating between cores is likely due to that issue. It's hard to believe how frustrating PPPoE can be for high-speed connections, it's always been a big limitation on the routers I've used. I hope with speeds like 5G or even 5GHz it operates smoothly without needing DHCP from a network adapter.
Pushing PFSense to its limits, how many IP addresses are being handled? It's impressive they're managing such a large volume for residential use in Denmark. Netgate appears confident their hardware supports 10GB cards on an Atom. The XG-7100-1U model seems to be performing well. Originally, FreeBSD and stateful packet filtering struggled with 10Gbps, averaging 4-6. It's worth testing if you already have the firewall, but budget for potential costs if it doesn't meet your needs.
it remains consumer internet, I receive a fixed IP address... so I should use DHCP... I understand it’s quite excessive, though my current connection is fast enough. The price is almost the same, but equipment-wise it could fail. Even with just 2-3Gbps throughput, I’m comfortable. I’m not particularly technical, so I might need to experiment a bit. My user base is small. I already have a cloud setup running, a web page, my own mail client, Plex with transcoding, and I use it for full house WEB TV services (4-8Mbps streams for TV), STEAM, etc. The main challenge is that it will reach the limit of my 550/550MB/sec disc—my current 500/500 gives over 62MB per second—and my server only has 10TB Ironwolf discs.
As you mentioned, it's just one client, but the key benefit is ensuring no single user can exhaust the connection. Having a strong link would let me avoid bandwidth limits completely. If I could access it quickly, I'd transfer all my sites to locally hosted servers, which would cut costs compared to using a VPS.