As the pinned post in the subforum suggests, the absolute minimum performance required is a dual-core 1.2 GHz for the processors to even approach anything near 1 Gbps routing capability:
In practice, SoCs like MT7622 have somehow consistently performed 1 Gbps routing but only with the assistance of hardware flow offloading. Without offload, it only breaks the 500 Mbps barrier with its 1.35 frequency clock.
But that’s old news! Mediatek’s Filogic is here for a couple gen already. Support for Qualcomm’s IPQ50 series are also landing. But I am still lost:
What sorts of performance should I be expecting from this generation?
Some of them even ship with 2.5 Gbps ports, but are even the SoCs clocked at 2 GHz even capable of moving that much data? To be fair, those SoCs are quad-core.
How have their hardware offloads improved? I think Qualcomm’s prevous gen’s hardware offload doesn’t work with OpenWrt, but what about IPQ50?
I’m making this thread not because I’m specifically looking for something to purchase, but just like the pinned post, I want to set expectations. Probably there should be similar threads with every new generation of SoCs.
ipq50xx (and ipq60xx) are ‘only’ cost optimized -stripped down- variants of ipq807x. The same story goes for ipq53xx and ipq957x. But raw CPU processing power isn’t everything, the I/O capabilities and driver support matter a whole lot more than that (as ipq806x/ ipq40xx and ipq807x/ ipq60xx/ ipq50xx show, fast CPU, but lobotomized without NSS offloading and bad non-offloaded vendor networking drivers (nss_dp)).
clock cycles are meaningful for the parts of the routing path that are bound by cpu… the number I gave is just a kind of rough back of the envelope.
One thing I’ll say is that the x86 hardware has become cheap enough that it no longer makes any sense to me to route via a dedicated all in one box if you have performance questions. If your internet is less than 50Mbps each way you can easily get pretty much any all in one box and be happy. If your internet is above 400Mbps each way, I would start looking at a mini PC and an OpenWrt VM.
You can get an N150 with 12 GB of RAM and 512GB of flash storage and dual 2.5Gbps LAN for $150 right now. Add a ZyXel 8 port managed switch and a copy of proxmox. Bond the nics in proxmox and the switch… set up vlans and bridges for wan, lan, iot, guest, dmz in proxmox. pass a NIC to the vm for each network, and set up OpenWrt in the VM… you’ve got a router capable of 1Gbps both directions simultaneously with traffic shaping and QoS. This device will last easily 5 years, and cost you effectively $40/yr in purchase price. An Omada access point is another $60 to $80 total
But it is DRAMATIC overkill for a router. So you can easily add a VM to run a NAS off it, or a desktop machine or a media pc, pihole, homeassistant, whatever… It’s a much better investment than the $200 or $250 you’d pay for a high end all in one plastic router.
I’ve been running a RPi4 since 2020 in this kind of setup (dedicated wired router + access points) and will be switching to a VM on proxmox as soon as I’ve finished configuring it out (running Guix not OpenWrt but I’d absolutely run OpenWrt if I weren’t such a giant nerd).
I know that - and I fully know that you are aware of it as well, but the distinction does matter massively nevertheless. Easy example, a 2002 vintage Pentium 4 ‘Northwood’ could already reach 3.4 GHz, but is no comparison to an alderlake-n CPU running at 3.4 GHz (even if you’d disable SMP and artificially restrict it to a single core). Yes, Cortex A53 (filogic 830) is Cortex A53 (ipq807x), but still, the I/O capabilities (network throughput) and network drivers between them differ a lot.
Totally agreed, and I’ve been doing that for a couple of years already.
This aspect not so much, not because you can’t do it (if you know what you’re doing), but because this complicates the setup considerably and introduces interesting bootstrapping questions (you really need to know what you’re doing, you need to have some fallback (be it HA or alternative hardware at the ready, etc.)), more complicated/ duplicated configurations and pulling the hypervisor into the critical chain of security considerations. If you know what you’re doing (and what consequences that entails), all the more power to you - but I would never recommend using a VM as router (and I don’t do it for any serious networks either, just for optional lab networks that may break without consequences).
Very few people keep backup hardware in case their all in one router breaks, but as soon as we discuss a VM this backups and high availability and things are often brought into the mix.
Its because people inherently associate the whole concept with critical business infrastructure. And for critical business infra your arguments are correct! And it costs a business essentially nothing to get a little extra hardware if they’re worried about losing a million dollars a day when the network goes out!
But thats not what I'm talking about. I'm talking about a home network where people are concerned about the difference between $170 all in one routers and $210 dollar ones.
If your VM is borked turn it off and boot the known good copy from before you borked it. If the hardware goes down, do whatever your plan was for when your all in one router hardware died. There’s no difference there.
Its much easier to brick a plastic router than it is a VM, I consider the VM strictly easier to keep running, and strictly easier to test out changes. Just clone the known good VM, and then make whatever changes you’re trying to do, then if they dont’ work, rollback to the known good clone.
Set up is strictly harder though I agree with that. Security can be an issue too.
A big advantage though is that the hardware gets used for routing, but also provides enormous benefits in terms of being able to run other services. Homeassistant, mqtt broker, OpenMediaVault, Nextcloud, whatever. You’re spending $200 to $300 to get capacity that it would have cost you $10k to get in 2010.
I appreciate both of your answers, and you are correct about dedicated x86 hardware. But both of you are going off-topic and not answering the question.
I’m not trying to restart the debate of whether or consumer devices can do 1 Gbps, I just want to know how much modern processors can do so I can make informed decisions,
Separately, to address the topic both of you are drifting into: yes, a dedicated router, switch and AP are the best, technically correct way to do networking. But for most people, besides the cost, it’s simply a hassle. Yes, I love tinkering and care about technology enough to take my time to find compatible devices and take my time to flash and configure OpenWrt. But moving beyond that into dedicated hardware is not simply a matter of money. I might live in a place where it’s not convenient to leave a running mini PC or whatever else exposed or within reach. Or I might just want a “one and done” solution rather than hunt for ever piece of the network puzzle. TL;DR: it’s not always possible to go the “technically best” route.
Yes, I understand that. But how do I apply that to Filogic, for example. What can I expect from it?
AFAIK the i-225 only has issues not the i-226 as shipped with the N100/N150 boards. I have not experienced any issues with the i-226 in my N100 unit.
My fanless N100 needs 10-15W with wireless ap enabled, but also acts as fileserver and docker host.
HW offloading in mediatek and qualcomm is not free from issues. While it works fro the majority of users, advanced setups will hit issues.
It all comes down to the use case. If one just needs a wifi router that can handle gigabit speeds a MT-6000 may be well suited. If someone has additional requirements x86 may be the way to go.
E.g. my router also acts as a filtering proxy and docker host.
BTW. My openwrt install for the N100 resides on a usb stick, I just plug it in to another hw with similar specs and be up and running again in minutes in case the mini pc would fail:-)
Not sure if anyone can give you a proper answer as your question leaves space for interpretation. Unless you only want to know how much cpu in mhz is needed to route one stream at 1Gbps.
In real world, you may need pppoe which requires quite some cpu, maybe want to use sqm, transfer via wireless run vpn. There are alot of things involved.
E.g. the IPQ807x cannot even handle gigabit when running sqm without hw acceleration(nss), with pppoe it maxes out at around 500-600Mbps. I’m pretty sure the same applies to recent filogic.
Outside of marketing fluff, what should I be expecting from these SoCs? Yes, I know they can’t do 1 Gbps, not without the imperfect hardware acceleration things.
For example, something like QCA9558 is known to be capped at maximum of 300 Mbps for plain routing (no offload, no SQM). In my experience, MT7622 is able to do 700 Mbps over PPPoE (again, no offloading or SQM). Similarly what can I expect from the Filogics?
I just want to set a baseline expectation of what this generation of hardware can do.
The USB stick is probably the weakest link (by far) in this setup and likely the first component to fail (I had 3 USB sticks out of less than a dozen fail within the last 12 months (light/ infrequent use, in-home only, no bumping, weather issues). There is a quite strong quality hierarchy between flash types and USB sticks are at the very bottom, combined with shoddy firmware/ wear-leveling on USB sticks don’t make a reliable combination. A cheap/ small SSD (including the 8 GB ones typically found in thin clients and similar gear or Intel’s used OPAL ones) likely improves reliability by several orders of magnitude.
filogic has several advantages over (non-NSS) ipq807x (just looking at (non-) checksum offloading in the non-NSS nss-dp case already makes a significant difference), so it should be considerably faster (disclaimer, I have ipq807x devices, but no filogic ones, yet).
Obviously hardware that doesn’t depend on offloading of any kind, but just has the raw performance to meet routing speed requirements without any of that is always preferable, and alderlake-n is a good option here (idle power consumption and performance).
Not sure what kind of usb sticks you use, but the samsungs I have never failed. I have several R7800 still in place running with usb sticks attached. I write proxy,dns,syslog to usb drive some of these sticks have been running for 5+ years. In my x86 setup I only have the install on the usb drive and an additional ssd for docker and storage tasks. At work I have been using usb drives for the last 10 years to hold the truenas install. I have not seen any failure. And if it would fail, it takes only a minute to write the image to a new drive and restore the config
P.S. I also have a fanless Ryzen 5 5625U, unfortunately it comes with 1Gbit ports, but compared to the N100/N150 this is a beast and only consumes 7W at idle.
The big advantage of a router soc such as ipq or mt is the integrated switch and wifi ap, the extra intel chips and additional wifi ap cards draw a lot of power. I had a N100 with single ethernet port before and that one only draw 4W at idle. So if you compare x86 with 4 ports + wifi ap, then it needs way more power. Thus for a single wifi router x86 is not really suitable. And the filogic is your best bet, but I prefer ath wifi.
