X86 for 1Gb with cake

Hardware Questions and Recommendations
21

I was able to do over 700 with HFSC through a squid proxy so it's gotta be possible to do more than that if it's straight routing and shaping. I don't have actual benchmarks to prove it, but there's no reason to buy a J1900 anymore, there are plenty of later models, so basically think "anything after the J1900" is pretty much guaranteed to do it and J1900 does at least 700 if not the full 980 (max real-world bandwidth through a gigE port).

What I've found is that it's hard to use speedtest sites to test a gigabit, the speed test sites aren't really set up for it. To do definitive benchmarks effectively you need 3 machines, a server, a client, and a router on a test network, with iperf3 or something.

22

This is what is in the CI327, the Realtek R8169. AFAIK, the CI329 has the same one, but I'm not 100% sure of that.

[    9.021173] e1000e: Intel(R) PRO/1000 Network Driver - 3.2.6-k
[    9.027321] e1000e: Copyright(c) 1999 - 2015 Intel Corporation.
[    9.034465] ip_tables: (C) 2000-2006 Netfilter Core Team
[    9.049847] r8169 Gigabit Ethernet driver 2.3LK-NAPI loaded
[    9.081636] r8169 0000:02:00.0 eth0: RTL8168g/8111g at 0xffffc90000039000, 00:01:2e:83:5a:da, XID 0c000800 IRQ 123
[    9.092793] r8169 0000:02:00.0 eth0: jumbo features [frames: 9200 bytes, tx checksumming: ko]
[    9.101893] r8169 Gigabit Ethernet driver 2.3LK-NAPI loaded
[    9.131449] r8169 0000:03:00.0 eth1: RTL8168g/8111g at 0xffffc90000061000, 00:01:2e:83:5a:db, XID 0c000800 IRQ 124
[    9.142376] r8169 0000:03:00.0 eth1: jumbo features [frames: 9200 bytes, tx checksumming: ko]
23

I have never tried Squid. Is it worth it?

Did you set up squid as guided in https://openwrt.org/docs/guide-user/services/proxy/proxy.squid ?

24

For me squid is a huge help in parental control. I block outgoing traffic to ports 80 and 443, and then manually set proxies on my machines at home. It works well, and it lets me do things like set times of the day when kids can access play sites vs only school and work stuff. It also lets me tag packets with priority based on the site being visited and therefore make some changes to the QoS (so for example people watching streaming TV don't get garbled video or audio or changing back and forth between different resolutions etc)

1 Like
25

also btw transparent mode is useless in the modern web. There's no such thing as "transparent https proxy" and almost all websites have moved to https so you need an explicit proxy. With explicit proxy the software knows to connect to the proxy and ask the proxy to set up a tunnel to the final device... the proxy can't understand the traffic, but it knows where to set up the tunnel.