Hi, I need an advice from end users of pfSense plus. My network has about 500 MAC addresses in 12 VLANs. The WAN and synchronization interfaces are 2 more physical ones. From the 12 VLANS I put 5 and 5 respectively on 2 10SFP+ interfaces. WAN speed is 150 Mbps symmetrical. There is inter VLAN routing with firewall access lists.
I’m confused about performance: from one side 10Gbit routing needs high frequency CPU, from other side there are appliances with 4 10Gbit ports on board but relatively slow CPU (although Xeon D). My question is: what is the minimum CPU model which can do this routing? Must consider also: Suricata, pfBlockerNG, OpenVPN, Wireguard.
I’d say Netgate are the best people to give you a response. However, some of their higher spec’ed routers ought to do the job. There are some performance metrics if you search their site for the various routers.
Also, remember single stream vs aggregate performance will vary quit a bit. Due to the architecture of pfsense and BSD using iperf for testing single stream will yield how fast it can handle that with a single core. Do the same iperf test with many streams and it will go much faster. Also worth noting that many streams is more realistic for average workloads.
They have specs for their systems on their site: