X86 router gigabit SQM capable

Hi,

I'm currently using an R7800 with the NSS Build.
With that configuration I can do NSS accelerated fq_codel at about 900/47 and get an A+ for bufferbloat, but the speeds seem pretty "unstable".

So to get the best out of my connection I was thinking about using an X86 device as my main router and the R7800 as a pure AP.

Would something like this be able to do SQM Cake at Gigabit speeds?

Fanless Firewall Micro Appliance/Mini PC with 4X Intel Gigabit Nics,DDR3L 2GB RAM 32GB mSATA, Support 2.5-inch SATA Internal SSD/HDD,Intel Celeron Quad Core J1900, 4X LAN,VGA/HDMI https://www.amazon.de/dp/B08BXF92NG/ref=cm_sw_r_apan_glt_i_GW566SRPD3CS2WV663ZQ?_encoding=UTF8&psc=1

Also I'm trying to wrap my head around how interfaces would work then.

Currently I have two normal WIFI SSIDs and a Guest WIFI each with their own interface and subnet. How would that translate to a two device solution?

You'll need a beefy i3 (or better) as SQM is single threaded
Out of curiousity, what do you get if you disable SQM?

Nah it's not, you no need i3, as a guide mader of x86 router, for 1000/1000 connection with cake sqm pentium g3460 (2 core haswell 3.5GHz) is enough, htop shows 80% CPU usage!
I can provide and proofs if you want! Or test something you want!

depends on which i3 you're looking at.

if your C3460 goes up to 80%, the J1900 isn't going to cut it, since the C3460's almost 2x the performance.

Bufferbloat wise? Sometimes an A but if things get busy it can get down to a D. I just tested though. In Speedtests I don't get full performance but a download in steam for example can still reach almost 100 MB/s with SQM enabled. So maybe that's good enough

So I'd be looking at something more like this:
Fanless Mini PC Router Core I3 7167U,Mini Desktop Computer Firewall Pfsense HDMI Display Port, Dual COM Port, 4 USB 3.0, WiFi, Support Watch Dog,8G RAM 128G SSD https://www.amazon.de/dp/B08D6CWG6M/ref=cm_sw_r_apan_glt_i_M9RDXSTW768TYX9WX8B1?_encoding=UTF8&psc=1

Wow that's more than I was thinking of spending.

https://www.waveform.com/tools/bufferbloat?test-id=cb0286f4-44da-4af3-aead-60e66749dc4a -- w/ VPN active & some downloads in the background C

https://www.waveform.com/tools/bufferbloat?test-id=e84ee793-1ee0-4d8c-bffe-26d008ea4177 -- pure no VPN / no downloads C

https://www.waveform.com/tools/bufferbloat?test-id=1160a145-6def-4823-98e0-be6feeeaa4fd -- VPN active again / no downloads in background gets a B

I ran these from a client but, from a custom x86/x64 router/server directly connected to the cable modem.

CM <2GE> Server <2.5GE> AP <1800mbps> Client

I from a pure speed standpoint I can hit in excess of 1GE from the server itself and probably get some better scores on the testing from there vs a wifi client. It also depends on the server on the other end being used for testing.

It's all relative to what's running on each leg of the test. If you're using a console that just does gaming and nothing else connected directly to the ISP your scores should be good enough to not have much latency / bloat. Factoring in other devices on your network though determines the overall scores you see.

In reality I would expect under "normal" circumstances w/o things optimized for testing to not get an A on these sorts of tests.

something like https://www.ebay.de/sch/i.html?_from=R40&_nkw=hp+t620+plus&_sacat=0&rt=nc ?
then add an additional single, dual or quad NIC in the slot available.

just double check the performance of the CPU in those, might not be enough for 1gbit SQM.

NIC's are really hard to buy for regular or even advanced user, you should go correct slot, correct speeds, correct chipset (intel only lol) for example in Russia, we have A LOT OF silicom NIC's based on intel i350 but it is NOT WORK with openwrt, meanwhile basic i350 card work.., you should assembly/disassembly cheap plastic case and probably ruin it..

Depends on what you're buying, doesn't it ? and intel isn't the only brand supported.
if there's room for a card, it's made to be taken apart....

I read in guides some broadcom's card works good also, but is there a list?
sorry for hijacking thread

For broadcom the module's called tg3, you can probably see in the sources which cards it support, or try modinfo.

for example what i have, as i say - 80% (800/800, but ~200 already used to torrents.) with cake sqm
https://imgur.com/a/hSkQPab

Go Core i3 if possible (there is a 10nm Tiger Lake mini PC coming soon from some companies). The one you linked uses a 7-8 year old Celeron, look at a newer one which will perform much better.

The Celeron J4125 for example wouldn't cost much more and is 5 years newer should handle gigabit SQM.

The NanoPi R4S also gets very close to gigabit SQM.

I wouldn't rely on Waveform's tests, unfortunately. Using Chrome the top speeds it can reach are ~50% of what I can get using the native Speedtest.com application. So, their tool can't actually apply a critical load and so their latency tests under load aren't valid.

On top of that, they were showing increased latency "under load" that is 2-3x higher than I see with MRT while running tests with the Speedtest.com application (at twice the throughput). So, it seems that their timing code is being influenced by the loading code they are running.

So, based on that I went to https://github.com/richb-hanover/OpenWrtScripts

Since my "router" is a PC using Linux this isn't that big of an ask to run some scripts vs the waveform website results.

./betterspeedtest.sh
2022-02-04 12:41:40 Testing against netperf.bufferbloat.net (ipv4) with 5 simultaneous sessions while pinging gstatic.com (60 seconds in each direction)
.............................................................
Download: 802.82 Mbps
Latency: (in msec, 61 pings, 0.00% packet loss)
Min: 13.400
10pct: 15.000
Median: 20.400
Avg: 23.556
90pct: 29.000
Max: 132.000
..............................................................
Upload: 39.86 Mbps
Latency: (in msec, 62 pings, 0.00% packet loss)
Min: 10.400
10pct: 13.400
Median: 21.700
Avg: 22.853
90pct: 28.600
Max: 60.400

./netperfrunner.sh
2022-02-04 12:44:11 Testing netperf.bufferbloat.net (ipv4) with 4 streams down and up while pinging gstatic.com. Takes about 60 seconds.
Download: 704.15 Mbps
Upload: 15.68 Mbps

Latency: (in msec, 62 pings, 0.00% packet loss)
Min: 13.900
10pct: 16.100
Median: 30.600
Avg: 32.511
90pct: 41.200
Max: 128.000

Windows Client:

image715×362 35.1 KB

From my router / server though;
Server: Dallas, TX tx.na.speedtest.i3d.net:8080 by i3D.net (3.77722 km from you): 13 ms
Ping: 13 ms.
Jitter: 3 ms.
Determine line type (2) ........................
Fiber / Lan line type detected: profile selected fiber

Testing download speed (32) ....................................................................................................................................................................................................................................................................
Download: 957.75 Mbit/s
Testing upload speed (12) .........................................................................
Upload: 43.92 Mbit/s

When I was testing under load I had downloads running in an app not relying on any test suite to provide load. App vs Browser of course can be quite different. Running rhe speedtest against their servers from CLI reduces the issues you see from bad software coding. Alas I downloaded the APP for Windows and that's the one screenshot and also the openwrt scripts from gitub for comparison testing.

I had a j1900 and it would SQM a gigabit but I was running a bonded pair of nics so I don't know if that's relevant really (it probably would spread the softirq load across cores)

I would look for Celeron 4000 series devices they should be inexpensive and fully capable. You might need to wait for shipping backlogs to subside though. Meantime just run a little slower.

Yep.... what he said. The 3000's and 4000's also have AES-NI hardware encryption support, where the J1900 did not, which should take off a lot of load if you're using VPN's. Zotac for one has a cheaper 4000 series box...