Page 1 of 5 123 ... LastLast
Results 1 to 10 of 41
  1. #1
    Untangler
    Join Date
    Jan 2017
    Posts
    57

    Default u25 capable of 1Gb speeds?

    Can some confirm that the u25 can handle a 1gb connection? I just recently got Xfinity 1gb service and have been unable to get anywhere near those speeds through my u25.

    I tested using dslreports speed test and a bypass rule in place for the testing PC.
    I ran each test 4 times waiting 5 mins between each test (yes it took a bit of time)

    • PC connect directly to xFinity Router
    o 980 Mb/s average

    • PC connected to u25 directly

    o With no apps running other than FireWall
     760 Mb/s average download speeds

    o With Web Filter, Virus Blocker and Application Control
     700 Mb/s average

    o With all of the above plus Bandwidth Control (QoS) - THIS is how i want to run my network
     365 Mb/s average
     Same bypass rule in QoS for the testing PC
     PC QoS set to Very High which is set to 60% Upload/Download Reservation

    Using Fair/Flow Queuing +codel for QoS

    What concerns me is I am losing 220 Mb/s speed with just the u25 bare bones. Is this the expected throughput or should I be looking for a new appliance to run untangle on?

    Thanks
    Last edited by jdpg2; 01-09-2018 at 01:50 PM.

  2. #2
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,494

    Default

    Quote Originally Posted by jdpg2 View Post
    What concerns me is I am losing 220 Mb/s speed with just the u25 bare bones.
    No, you're not. About the only thing that exists right now that can actually provide service anywhere close to 1Gbps are the speed test services. Sure, the u25 might max out during a speed test specifically designed to check this, but speed tests don't match real-world use. Nothing you're likely to use in the real world is gonna draw anything close to 1Gbps.

    I mean, Netflix can do it, but only if you're watching something like 200 simultaneous HD streams. The other places where this can matter are download services, especially for video game updates (steam, xbox live, psnetwork) and illegal bittorrent swarms, and even then it's still only an issue if you're doing a lot of this all at once. And it'll be at least another five years for any of those things to grow to the point where the u25 is your limiting factor.
    Last edited by jcoehoorn; 01-09-2018 at 02:59 PM.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 13.1 to protect 700Mbits for ~400 residential college students and associated staff and faculty

  3. #3
    Untangler drewstreib's Avatar
    Join Date
    Jan 2018
    Location
    San Jose, CA
    Posts
    45

    Default

    I think @jdpg2's concern and @jcoehoorn's response are both true.

    It is unlikely that real world things will end up being perceptibly affected just because you can't push a speedtest to 900+Mbps. It is also true that the atom processor in the U25 is probably limiting the burst bandwidth at the top end.

    This kind of discussion also happens all the time in other forums (I just saw a nearly identical one in Unifi's forums where the oft-repeated thread of "I can't get 600+Mbps wireless speed on a single client", "who cares? you don't have anything that would do that in real life anyway" threads is happening for the 3rd time this week.)

    Yep, Gigabit home internet has kind of thrown off the home router community where speeds have taken an unnatural leap in the last couple years (for lucky people). Routers that do more than pure packet routing in hardware end up having to push packets in software, and low power atom chips just don't keep up with gigabit here.

    Not that they necessarily need to keep up with gigabit speeds at home. You'd probably be hard pressed to do a blind test at home with a 1Gbps network vs a 300Mbps one and have anyone actually perceive a difference, even if told the parameters.

    This isn't a great sounding answer for someone who wants what they pay for, namely gigabit internet speeds. The answer is to either:

    (1) give up on doing software routing, and also the additional processing that something like untangle performs, and go with a hardware based home router that does keep up with gigabit, purely speaking, but doesn't give any of the more advanced features seen in a more advanced software stack,
    (2) get something with a few i3/i5 modern cores and really double down on hardware muscle, and get real gigabit software routing with all the bells & whistles enabled, or
    (3) realize that 300-500Mbps routing along with the software processing done by something like untangle is going to be perceptibly identical to #2 in nearly all cases, and go with it and re-evaluate in a couple of years.

  4. #4
    Untangler drewstreib's Avatar
    Join Date
    Jan 2018
    Location
    San Jose, CA
    Posts
    45

    Default

    One more note is that there probably isn't a need to perform QoS on a gig/gig network at home. Unless someone here corrects me, I'd venture that this is only slowing things down, and that there's no need to shape your virtually unlimited connection.

    Edit: If this is the 1000/35 Xfinity docsis/coax line, rather than the symmetric 1000/1000 gigabit fiber-to-the-home connection, then QoS on the outbound bandwidth could still prove useful if you have devices that might saturate it for some reason. Still a maybe that might not have a practical value if nothing tends to saturate the outbound connection (such as a connected vpn might).
    Last edited by drewstreib; 01-09-2018 at 03:25 PM.

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,202

    Default

    No, a u25 will not operate a gigabit speeds. Yes, there are visible performance losses at times. If you want gigabit at home, you're going to have to upgrade to an appliance with an i3 in it, and spend through the nose to get it. That's the first device that reliably filters at gigabit velocities. The needs of a home are heavier than a business, such is life... buckle up and own up.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Untangler
    Join Date
    Jan 2017
    Posts
    57

    Default

    All, Thank you for confirming my initial findings and the constructive feed back. I love my u25 its a great device, but i also don't like leaving bandwidth i am paying for inaccessible. I will being my research on an i3 based appliance and see what is out there on offer or as sky-knight said "own it".

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,202

    Default

    I wish you luck, you're tackling a challenge I've been working on for two years. You need a solid mix of CPU, RAM, PCI Bus, and NICs to achieve stable gigabit filtration. The part about this journey that's surprised me is how little granularity there is between the Atom fueled 200mbit devices and the gigabit capable devices. It's like, once you cross that barrier, you go straight to plaid. I would have expected more middle ground. But simply replacing the Atom with a Celeron in some cases was enough.


    When I started down this road, only Xeons could do this... I've managed to get a near gigabit footprint out of a quad celeron today. So things are better! Sadly, I'm curious to see what this meltdown patch does to us, I fear it'll set us back a bit.

    P.S. Your results are far better than most of the devices I have in the field that match the hardware profile of the u25.
    Last edited by sky-knight; 01-10-2018 at 08:31 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Untangler
    Join Date
    Jan 2017
    Posts
    57

    Default

    I have friends running untangle on all sorts of kit and they all marvel at how well the u25 works especially at 1GB speeds.

    I have no intention of putting my u25 to pasture any time soon. i will just start doing my research and be patient. This is its strange how the internet bandwidth has out paced the hardware available to process it. My guess is it will be a few years before a turn key solution (that doesn't break the bank) is available.

    Meltdown/Specter is going to hose everyone regardless of their tech cup of tea until the next gen of CPU's comes out

    Appreciate all of the responses

  9. #9
    Untangler drewstreib's Avatar
    Join Date
    Jan 2018
    Location
    San Jose, CA
    Posts
    45

    Default

    Quote Originally Posted by jdpg2 View Post
    This is its strange how the internet bandwidth has out paced the hardware available to process it.
    And since someone will point out that home routers *do* process 1Gbps speeds...

    Hardware assisted routing (chips by Cavium and others) can be done at Gbps on home routers, and does happen. When you can simplify routing down to some basic tasks that can be done with offload hardware, then your stuff from Netgear et al will properly benchmark at Gbps speeds.

    But as soon as you want to do other things with the traffic that fall outside of the scope of this hardware assisted space, then you're back to routing in software. And you've taken a huge leap backwards in raw speeds, but it is just necessary when you want to do application analysis, ids, most qos/shaping, web filtering, etc.

    Anyway, just wanted to head off the "but my Netgear router works at gig" statement. Not to write it off, but to note that it comes with a limited set of functionality. (Mostly just pushing the packets.)

  10. #10
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,202

    Default

    Well it's easy to route stuff at gigabit speeds, that has system requirements measured in mhz, and megabytes. We're dealing with equipment in ghz, and gigabytes!

    The problem here isn't the routing, the problem here is all that "deep packet inspection" going on that makes Untangle a layer 7 filter. Making more informed decisions on a packet takes longer, and if you want it done very quickly you need more hardware.

    The alternative is for Untangle to cloud offload all that processing somehow... which is a process that's happening but it's also taking time. Meanwhile, hardware is doing what hardware does, getting faster and cheaper.

    I sell my own variant of the u25, it's a very strong device for the price. It's just not capable of doing all things.
    Last edited by sky-knight; 01-10-2018 at 11:12 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 1 of 5 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2