I’m new to the forums, but have been a fan of the Lawrence Systems channel for a few years.
I finally decided to upgrade to a pfSense router/firewall. I ordered the Netgate SG-2100 thinking that it would be sufficient for a 1 Gbps connection. After re-watching Tom’s review of the 2100, I think I pulled the trigger too quickly. Tom says the IMIX traffic is a better indicator of real world usage, which is significantly lower for the 2100. The IPERF3 traffic is 964 Mbs, but the IMIX Traffic is only 249 Mbps. Should I be looking a the 4100 instead? It gets IMIX traffic of 1.4 Gpbs. I want to check with you all first, since the 4100 is a signicant price jump ($250). Perhaps someone knows a cheaper alternative that doesn’t sacrifice too much quality.
Thanks Tom. I wasn’t expecting to hear from the man himself --very cool.
My use case is that my wife and I are increasingly working remotely from home during the same hours of the day. She is usually on zoom conference calls with clients, while I’m usually streaming video and using SaaS apps while I work . We have 4 adults and 2 kids living in the house, often streaming video separately, and sometimes playing online games like fortnite. There are also regular video calls to Israel and South Africa. Ideally I want my wife not to be anxious about client call connections, while providing a smooth enough experience for the rest of us.
There are various traffic shaping options in pfsense, it’s a bit trial and error IMO, but that’s probably going to fit your situation if you want to ensure a particular device, traffic or network is never lagging.
Given your use case, I would recommend that you start setting up vlans if you haven’t already. Set one for “work”, as you start tweaking your network with pfSense you’ll discover that you want want some features running on some networks and not others. Plus IMO it’s easier to apply your tweaks to networks rather than machines.
If you are just starting with pfSense then it will take time, I’d recommend making notes otherwise it will be easy to completely forget what you just did in a few hours let alone a few months.
Would you mind sharing your experience with SG-2100 if you already started using it with your 1Gbps connection? I am planning to buy one having more or less similar use case as yours. I read pretty much all the posts on Reddit, LTS, netgate forums but still not sure if it would fall short serving a 1 Gbps connection completely or could keep up at a close proximity of 1Gbps with a limited firewall rule set and pfblocker-ng package only.
I haven’t tried to push the limits yet, but so far so good in real world conditions. My wife says her zoom calls have been working great, even when I’m using data-intensive online apps and streaming video at the same time. She also says the internet seems much better in general. I have yet to notice any problems with multiple people streaming video or gaming, which is a big improvement from before. I only have good things to say so far.
Jay, that was really helpful to hear your positive real world experience, especially about the improvement you have perceived in contrast with your previous setup. Thank you!
I was suspecting that performance figures of a typical home use would be closer to iperf rather than the imix due to smaller number of simultaneous clients and limited scope of firewall features needed in comparison with a business scale. On the other hand, I was puzzled due to contradicting claims I have encountered in various forums with limited context provided about the use case.
I think I could go ahead and order one now with confidence.