pfSense Support Subscription

Author Topic: SG-2220 performance Q  (Read 491 times)

0 Members and 1 Guest are viewing this topic.

Offline troy

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
SG-2220 performance Q
« on: July 13, 2017, 05:55:58 pm »
Hi,

I can't get much of a sense of how much traffic the various
netgate boxes will support.  Specifically, what level of
symmetric service will a SG-2220 "max out" if I want to:

 * Route the whole house to an OpenVPN provider
 * Route part of the house on OpenVPN provider using VLAN
    tagging from a switch (and the rest to the WAN).
 * Support an occasional OpenVPN or IPsec inward
 * Block ads and trackers
 * Filter the kid's access to websites
 * Filter the kid's access by time
 * (DNS, DHCP, ntp...)
 * Eventually play with snort, squid, and squidguard

Assume 3 humans surfing, gaming or streaming video, one
always-on server with a torrent client, and various appliances
(TiVos, Echos, Sonos).

Thanks!

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 429
  • Karma: +76/-95
    • View Profile
    • Netgate
Re: SG-2220 performance Q
« Reply #1 on: July 14, 2017, 03:50:04 am »
SG-2220 can do up to a gigabit NAT. With OpenVPN AES-128-CBC it will max out around 78Mbps. In our tests with IPsec AES128-GCM IKEv2 we reached around 322Mbps on the unit.
Need help fast? Commercial support: https://www.netgate.com/support/

Offline troy

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: SG-2220 performance Q
« Reply #2 on: July 14, 2017, 06:46:58 am »
Thanks!  Would you happen to have numbers for OpenVPN AES-256-CBC on the SG-2220 and SG-2440?

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 429
  • Karma: +76/-95
    • View Profile
    • Netgate
Re: SG-2220 performance Q
« Reply #3 on: July 14, 2017, 10:43:32 am »
Sorry, no AES-256-CBC numbers.
Need help fast? Commercial support: https://www.netgate.com/support/