When I run OpenWrt on x86 and want a 10G NIC, where can I find a list of supported NICs?
Since 10G is most fun with a fiber connection, what SFP+ support can I expect?
It's probably harder to find a NIC that's not supported... OpenWrt is Linux and you can't sell a NIC that's not supported by Linux anymore. Worst case is that you have to add the OpenWrt packaging for a new driver. But that's also unlikely.
You could take a look at the drivers in https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=package/kernel/linux/modules/netdevices.mk to verify OpenWrt support.
That's more difficult...
Most of the NIC drivers have integrated SFP support, so the answer depends on the driver. Some of them offload SFP functions to firmware and can therefore block "unauthorized" optics even if the driver itself is open source.
Personally I like the older Intel X520 adapters because they don't have such SFP problems. The driver even comes with a knob to disable the warnings:
bjorn@miraculix:~$ modinfo -F parm ixgbe
max_vfs:Maximum number of virtual functions to allocate per physical function - default is zero and maximum value is 63. (Deprecated) (uint)
allow_unsupported_sfp:Allow unsupported and untested SFP+ modules on 82599-based adapters (uint)
debug:Debug level (0=none,...,16=all) (int)
But these NICs are a bit dated now. If you're going for something more modern then you might have to buy vendor-specific optics. At least for SFP+ optics. I believe many drivers/NICs will accept any SFP (i.e. 1gig) or DAC and just be difficult wrt non-DAC SFP+.
Stick to Intel cards, the X520 can operate on a 10 or 1gig SFP module, Chelsio don't have drivers, Mellanox same, and Broadcom are a lottery for performance. A Netgear wc7600 v1 will work nicely but is a little noisy - it's a server grade appliance.
With these cards, what sort of throughput can we expect? I am looking to build a 10G x86/64 bit router as well. @KONG @ACwifidude - Will a much faster CPU than say an R7800, assuming a line rate of 10G (9500/9500) should I with enough HW behind it be able to keep my line rate or is this impossible on OpenWrt - would Ubuntu or something else be better? Thinking to use: Intel x550-t2-10gb (dual) cards & a decent Mini ITX / DTX board with a decent dual or even quad core CPU. I would like to avoid any line loss - also, would the Intel server grade card support HW NAT offload, or is that really not needed? Also - does that not bypass IPFILTER and other things when you use it, as flows are no longer in SW but rather HW?
"Natting" 10G is demanding. This is nothing for a consumer grade router. At work I use a 1HE HP Xeon server for this.
By the way, SFP is just a different way of signal transport; this does not require a special driver. For the OS it doesn't make a difference if the card uses SFP or RJ45. SFP uses less power and latency is better. But the cables are not as robust :-)
For 10G TCP/UDP an Intel will do. For faster speeds or high UDP throughput you should choose a Mellanox (NVIDIA). I have an RDMA storage that delivers 9GB/s over a 100G network with two ConnectX-5.
Understood - I am a senior storage / networks devops guy but I have never tried to push any of these consumer routers this much before and I'm just trying to see basically what is the lowest config that I can do in your experience and still be able to NAT 10 gig. I use MPO on my work storage devices, 40G, used to use LC SFP but need more throughput as we manage ~700PB of NAS alone. We also have 100G btw but haven't used much of it yet.
I'm trying to make the smallest form factor device possible and still have line speed 10 gig with a fair number of connections. Do you have any advice as such other than the one you I'm looking to put this in a residential outfit basically not work so, looks and size matter lol
Also, what Linux build do you suggest, or is OpenWrt still useful on regular x86 gear?
OPNsense or pfSense on Mini-ITX + a 10G dual port card would be suitable for this. Or for an advanced setup with different networks, e.g. an isolated guest network, a 4 port 10G or dual port 10G + 4 port 1G. Use VLANs to attach multiple ports from the OpenWrt AP and then have the ability to set up different networks and what should happen on these. E.g. run the guest network through a proxy or have an IDS listen on the guest network etc.
pfSense and OPNsense come with a lot of nicely integrated apps.
Okay, I was doing some reading and a few people seemed to suggest OPNsense and pfSense don't do well at making line speed 10G, but I will happily test it out.
Also, I use a lot of WireGuard and was thinking of using a crypto accelerator, but I see that most do AES, which helps anything in NGINX I may use, OpenVPN, WiFi etc. but not WG as that uses ChaCha20 - is there anything that speeds that up or is it not even worth speeding up? Most crypto cards seem to be AES based.
Of course you need a powerful CPU for that with a high single core speed, an i7/i5 with 4GHz. It comes with AES accel.