https://www.wireguard.com/performance/ shows 1 Gbps with Intel Core i7. I'd guess that they'd want to show themselves in the best possible light, so that if 1 Gbps could be reached with a less-powerful processor, they'd be showing that.
1 Like
Well, it hasn't changed since Nov 2017 and it has received various optimizations after that like SIMD, AVX etc. https://web.archive.org/web/20171115215421/https://www.wireguard.com/performance/
1 Like
https://oldwiki.archive.openwrt.org/doc/howto/sqm
Very nicely details. Alas, no example performance number. IMHO it would be great if anybody with actual performance numbers fro SQM could add them to that page.
1 Like
Also the test says its using GigE cards and the result is 1011 mbps. And it doesn't say what the test setup is. If the test is meant to effectively show more than 1 Gbps, it would have had to use at least 2 Gbps in parallel, right ? Or else with one Gbps, maybe they where not cpu bound and rounded incorrectly ? Or the test was running locally between two processes and network name spaces, they multiplied the results by two to account for the fact that a local test has two instances where a normal system needs one ?
That paging is succeeding in proving "we're so much better than them", but not in "here is how much performance you will get with your CPU".
Yes, yes. I know. "Its open source software, read the fine source code" including the test suite... Maybe.
last but not least, consider how much you are going to pay for power consumption of the router. With the wide range of options available, its certainly useful to find the most power efficient option for the speed you need. Unless you live in a place where you can use electric heating all year round anyhow 
With a little focus on energy consumption during the purchasing process, you can get x86 devices easily down into the same regions (in idle mode, which is the predominant- and only relevant mode for all use cases where power consumption matters) as normal embedded devices. Aside from the new >8 core i9, it isn't difficult to get modern Intel core i3/i5/i7 (haswell or newer) systems down to 11-15 watts idle, Atom systems at least down to ~6 watts measured at the wall - your off-the-mill high-end prosumer router isn't significantly better there. Yes, there will be brief bursts of increased power consumption (Atom up to ~30 watts), but that is statistically dwarfed by the idle power consumption (you'll have to push a lot of massively parallel routing throughput, VPN tunnels and server tasks on a x86 system before your average power consumption measured over a 24h period deviates significantly from the system's idle power consumption).
Of course the figures will be way off by repurposing old devices not purchased with power consumption in mind (dedicated graphics card, at least +30 watts, etc. pp.), but the figures above are achievable with well selected normal x86 gear, not anything exotic, special or overly expensive.
Yepp. Thats what i bought, just received the first one. It should have a working BIOS level serial port, but i haven't tested that yet.
The passive cooler of this thing is hilarious. Its a big wasabi grater with a built-in router. Only downside is that it doesn't fit a 2.5" disk, so can't be a nicely packaged all-in-home router & DMZ microserver (need external USB disk. Oh well..).
Of course CPU should be two generations newer, J4105, but nothing on the market with 4 ethernets. Not even two when i looked.
More professional but $200 more: https://www.lanner-america.com/buy-lanner/product/network-appliances/nca-1210a/
Thats about the performance level of the J4105, but more power consumption.
Yes. repurposing old gear has become more difficult with rising expectations. I still got old PC stuff lying around with CPU > 10 yeas old, thats very much a nogo, and even a nice fitpc3 would be a got fit (sigh) due to absence of AES-NI.
You can of course also go simply for a single ethernet NUC style PC and leave the rest to a VLAN capable L2 GigE switch. Of course that will only get you up to 500 Mbps (router on a stick).
the new amd athlon is 25-35 watts the ryzens are 65 watts and i'm not paying the electric bill 
i was gonna support AMD and also not have to worry about meltdown but, getting a dual core athlon, passmark score isn't bad and it's under 35 watts and i can upgrade for cheap if it isn't fast enough. both the athlons and ryzens have AES. with the psu and case and all that it isn't much more expensive that than zotac boxes mentioned prior in this thread if not cheaper.
I am (also) running an APU2 from pcengines.ch on military-grade mobile battery for several hours. As it is about 10W only.
Only using WiFi, no WAN. Integrated SSD, though.
The ability to run on batteries is indeed an interesting factor to minimize power consumption. I was considering that primarily to finally cut off an analog phone line (and just rely on VoIP), which so far would be the only emergency connectivity beside cell-phones that would be self-powered when the power fails.
Alas, in the place i am upgrading, the last power outage was for less than 1 minute > 15 years ago i think, so not a lot of RoI. In my other place it definitely would make a lot more sense. We even had an outage for almost 48 hours just four years ago (car drove into transformer). But i guess to protect for that type of case i should have an emergency power generator.
Despite being announced in the spring there was obviously some kind of manufacture or logistics delay on the 329's as we have just seen them starting to show up at suppliers in the last week or two. I would expect because the models are so close that before long the 327 will be dropped and directly replaced by the 329.
Something happened, indeed... From last November to now, the CI329 is as scarce as it was then, only a few vendors listing it, and some list but are out of stock. CI327's all over the place, though.
As a quick set of datapoints on my own CI327...
-some simple tests thru my 300/30mbit cable connection (have it limit set to 310/30 using Cake, layer cake SQM with diffserv3 up and down, few other things), feeding a C7 as an AP over the 5ghz radio... with the following results:
The standardized settings for DSLReports (posted a while back) 16u, 16d, highrez bufferbloat, no compression
280's down, 30's up, bloat well managed (when signal is strong) measures 70% idle and 20-25% IRQ during download test.
Second test, guidosarducci's speedtest-netperf test script, (also found here) tests internally from router to a site, logs link info and CPU, bumped up to 16 and 16 streams, concurrent:
290's and 29mbits, under 10ms added bloat lag, the 4 cores came out around 20 to 35% loaded, which seems to concur with the 70% idle in the other test. Hardly breaking a sweat doing advanced SQM at 300mbit.
Sorry I haven't set up some kind if VPN yet. The (N3450) CPU does have AES-NI support. I'd like to know if I'd run my full pipe speed before saturating. More details, test result data available, if someone's interested.
1 Like
In terms of supply I expect the problem is the underlying Intel backlog/CPU shortage that was first remarked on around Nov/Dec 2018. At that time Intel said they were so behind that they were prioritizing the higher capacity chips, and lower end models would only begin returning to stock around March or April 2019. I suspect the 327's that are floating around were all previous production stock, and the 329's have never really gone into full scale production due to the shortage. The next few months would be the telling point, to see what happens as old 327 stock sells down and what Zotac chooses to do as a result.
Here is what i would up with
Intel Core I3-8100T (CM8068403377415) [35W 7412 passmark] … {$129.00}
Gigabyte H310N … {$45.00}
HyperX FURY 4GB DDR4-2666MHz PC4-21300 CL15 … {$25.99}
IBM / Intel PRO/1000 PT 39Y6127 39Y6128 … {$12.95}
SuperMicro 1U case with PSU idk what model … {$50??}(bought on /r/homelabsales last year)
Cheapo 8x riser … {$12.50}
32gb SanDisk SSD … {$11.98}
Dynatron K2 1U CPU heatsink … {$19.57}(from another project a few years back)
{$307.07 all in}
No idea if any of it is compatible with Open WRT x86 / Open LEDE x86, i also havne't decided on OS yet either. Not even sure i have the skills to to install the drivers. apparently to install WRT/LEDE x86 you image the drive and do drivers manually which is assume it not like installing drivers in OSX,Linux or Windows.
Looks like a great build!
I've swapped out server-style 1U PSUs for picoPSU from Mini-Box units to keep the noise level down. They're not cheap, but can help turn server-room screamers to be a bit more office-/home-friendly. That and some Noctua fans tamed a Lanner for me. Check clearance as the picoPSU-160-XT may be too tall 1U enclosures by a few mm.
Installing needed drivers shouldn't be too bad (or even necessary), especially if you double check that the NIC is supported by your first installed image.
I wonder if Open LEDE/WRT makes use of stuff like AES NI for VPNs or if the instruction sets automatically offloads that stuff by design?
direct! just plug in about any old adapter and good to go. 2 NICs to but, can't remember if both are Intel NICs or not. why the hell OEMs won't put in dual Intel NICs. would have bought a ZBOX if they did.
If the PSU is loud, i'll swap it with a noctua(s?) also not as cheap.
this is all handled by kernel and openssl so it's not related to openwrt
3 Likes
You would probably be better off however looking at something that isn't geared towards minimal footprint such as pfsense on your hardware but I guess it should work somewhat at least. There's little optimization for newer x86(64-bit) CPUs in OpenWrt so crypto etc might not be optimal.
2 Likes