If this is in the wrong section, admins please move to correct category.
I am not a tech guy, but I upgraded to 500/500 fiber and with my brother’s & Tom’s videos help, configured pfSense on a Netgate SG-1100. I do not run Suricata. Firewall is limited to just a few rules and pfBlockerNG with a few lists. At the time, I thought the 1100 would be fast enough to firewall my 500/500 speed. It really isn’t quite fast enough. Without the netgate in place, I can nearly get ‘line’ speed. I believe is the term. With the Netgate, it is reduced to between 350-380 Mbps. This seems to be in line with what Tom said in his recent video of the Netgate SG-2100, where he said that the 1100 kinda chokes above 400 Mbps.
I’m wondering how the SG-2100 would do. Looking at Netgate’s speed specs for each appliance, it looks like the 2100 is about 50-60% faster on firewall than the 1100. Using Tom’s recommended internet cap of 400 Mbps for the 1100, that would put an internet cap of around 600 Mbps on the 2100, which should be an improvement on my 1/2 Gig fiber line.
Before I shell out $300 more, I like to get the opinion of those more technically minded. I don’t understand how it can route through the firewall 50%+ faster when they appear to be using the same ARM CPU. The only technical difference that they list is an increase of RAM from 1GB to 4GB. Are there other aspects of the 2100 that would actually increase the throughput by 50%+?
The 1100 is doing the job as a home router, it’s just losing about 75-100 Mbps off of the expected speed that we are paying for (assuming we should get at least 85-90% of line speed). I’d consider spending $300 to upgrade to the 2100 if I knew that it would truly make a difference.