Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3040 posts

Uber Geek
+1 received by user: 1608

Subscriber

Topic # 224037 30-Oct-2017 11:58
Send private message

This isn't really covered by @michaelmurfy  's excellent router guide, so throwing this open for the masses.

 

Currently in the middle of getting Gigabit UFB into several sites for work, and once we have those connections in place we're going to want start using them. Finding a nice business grade router that can handle those UFB connections is easy enough, but we're really wanting to be able to get close to line speed across an IPSec VPN as well. That seems to be a bit more difficult.. What can people suggest that's going to let me get at least 7-800mbps sustained IPSec VPN throughput for a reasonable price? 





Information wants to be free. The Net interprets censorship as damage and routes around it.

 

Thinking about signing up to BigPipe? Get $20 credit with my referral link.


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
2140 posts

Uber Geek
+1 received by user: 643

Subscriber

  Reply # 1892537 30-Oct-2017 12:16
One person supports this post
Send private message

Define reasonable? A quick look at Cisco, Meraki and Juniper you would be looking at between 10 and 20k per device. That sort of VPN processing power comes at a cost! 


5153 posts

Uber Geek
+1 received by user: 2176

Trusted

  Reply # 1892549 30-Oct-2017 12:28
One person supports this post
Send private message

This one does up to 400Mbps: http://www.draytek.com.au/products/broadband-routers/vigor2960/ 

 

This one does up to 800Mbps but not locally available (probably could get on special order through SnapperNet): http://www.draytek.com.au/products/broadband-routers/vigor3900/ 

 

 





Chorus has spent $1.4 billion on making their xDSL broadband network faster. If your still stuck on ADSL or VDSL, why not spend from $150 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
2140 posts

Uber Geek
+1 received by user: 643

Subscriber

  Reply # 1892551 30-Oct-2017 12:32
One person supports this post
Send private message

Considered building out PFsense boxes?




3040 posts

Uber Geek
+1 received by user: 1608

Subscriber

  Reply # 1892559 30-Oct-2017 12:44
Send private message

lxsw20:

 

Define reasonable? A quick look at Cisco, Meraki and Juniper you would be looking at between 10 and 20k per device. That sort of VPN processing power comes at a cost! 

 

 

1-3K

 

Fortigate 60E/80E/100E series are looking to be the prime candidates from what I can see, they respectively do 2/2.5/4gbps IPSec VPN throughput.

 

 





Information wants to be free. The Net interprets censorship as damage and routes around it.

 

Thinking about signing up to BigPipe? Get $20 credit with my referral link.




3040 posts

Uber Geek
+1 received by user: 1608

Subscriber

  Reply # 1892563 30-Oct-2017 12:45
Send private message

lxsw20:

 

Considered building out PFsense boxes?

 

 

For a bunch of reasons it's not really a viable option.





Information wants to be free. The Net interprets censorship as damage and routes around it.

 

Thinking about signing up to BigPipe? Get $20 credit with my referral link.


41 posts

Geek
+1 received by user: 3


  Reply # 1893174 31-Oct-2017 14:48
Send private message

coffeebaron:

 

This one does up to 400Mbps: http://www.draytek.com.au/products/broadband-routers/vigor2960/ 

 

This one does up to 800Mbps but not locally available (probably could get on special order through SnapperNet): http://www.draytek.com.au/products/broadband-routers/vigor3900/ 

 

 

 

 

For VPN:

 

  • 2960 may get 200 Mbps, not more
  • 3900 may get 600 Mbps, not more

The following chart has been "accurate" for the 2760.

 

http://www.draytek.co.uk/products/comparison

 

I have tested the 2760 (Spirent TestCenter: WAN-LAN, no VPN for that one) and it could only muster 150 Mbps with 1500-byte frames. At 64B, it was less than 7 Mbps. So have confirmed that the figures in that chart are best-case scenarios.

 

This put me off Drayteks for routers, though still using the DV130 for VDSL. As stable as they are, thoughput is not where I would want them to be.

 

 

 

 

 

 

 

 


dt

221 posts

Master Geek
+1 received by user: 30

Subscriber

  Reply # 1893197 31-Oct-2017 15:14
Send private message

Lias:

 

 For a bunch of reasons it's not really a viable option.

 

 

 

 

Is one of the reasons support? if it is you can buy supported pfsense devices, their specs are huge in comparison to other vendors and they're really hard to compete with on price vs performance. 

 

 

 

 https://www.netgate.com/solutions/pfsense/#on-premises

 

 

 

edit: link :) 


5153 posts

Uber Geek
+1 received by user: 2176

Trusted

  Reply # 1893203 31-Oct-2017 15:21
Send private message

@nitro thanks for the info. I know the Draytek 2860 series top out at approx. 400Mbps WAN-LAN, but also depends on what firewall / QoS / hardware acceleration it's doing. These are still very good routers for small business for the feature set they have.





Chorus has spent $1.4 billion on making their xDSL broadband network faster. If your still stuck on ADSL or VDSL, why not spend from $150 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


41 posts

Geek
+1 received by user: 3


  Reply # 1893205 31-Oct-2017 15:25
Send private message

@coffeebaron, agree. For small business users, the Drayteks pull their weight in price/performance. Not too long ago 200 Mbps VPN would have been a lot. These days, there are different requirements, such as the OPs. I'd be interested to see what they/he goes with, actually.

 

 

 

 

 

 


164 posts

Master Geek
+1 received by user: 50


  Reply # 1893207 31-Oct-2017 15:38
Send private message

You could look at a Ubiquiti Edgerouter Pro. Looks like people have got around 400 - 500 Mbps IPSec traffic through them. See link

https://community.ubnt.com/t5/EdgeMAX/ERL-Performance-Testing-with-IPSec-VPN/m-p/1053799/highlight/true#M44593

 

 

 

I know it's not quite as much as you were wanting, but for the money (around $700 each) they could be hard to beat.

Edit - Just had a look, the price/performance (just looking at IPSec traffic) is around the same as the Vigor2960. 


1891 posts

Uber Geek
+1 received by user: 290

Subscriber

  Reply # 1893216 31-Oct-2017 15:48
One person supports this post
Send private message

Mikrotik CCR1009-7G-1C-1S+





Ross

 

Spark FibreMAX using Mikrotik CCR1009-8G-1S-1S+

 


Speed Test


Meow
7281 posts

Uber Geek
+1 received by user: 3482

Moderator
Trusted
Lifetime subscriber

  Reply # 1893218 31-Oct-2017 15:53
Send private message

The Grandstream GWN7000 has hardware accelerated VPN and a newer CPU - I've found I could get 200Mbit out of it but an Ubiquiti USG was the weak link here as the Edgerouter Lite + USG top out at around 200Mbit. I had nothing to test its top speed.

 

Potentially the best value option here.





164 posts

Master Geek
+1 received by user: 50


  Reply # 1893223 31-Oct-2017 16:00
One person supports this post
Send private message

Spyware:

 

Mikrotik CCR1009-7G-1C-1S+

 

 

 

 

That's fairly impressive for the money. 


 

Click to see full size

 

 


3347 posts

Uber Geek
+1 received by user: 1118

Subscriber

  Reply # 1893232 31-Oct-2017 16:24
Send private message

The small Mikrotik CCR will do that no problem.

 

Have to say though, wondering the use case? 


5153 posts

Uber Geek
+1 received by user: 2176

Trusted

  Reply # 1893234 31-Oct-2017 16:29
Send private message

chevrolux:

 

The small Mikrotik CCR will do that no problem.

 

Have to say though, wondering the use case? 

 

 

Inter office file sharing from NAS / server would be one suitable use case.

 

 





Chorus has spent $1.4 billion on making their xDSL broadband network faster. If your still stuck on ADSL or VDSL, why not spend from $150 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Opera launches new mobile browser: Opera Touch
Posted 25-Apr-2018 20:45


TCF and Telcos Toughen Up on Scam Callers
Posted 23-Apr-2018 09:39


Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38


Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55


How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08


How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15


iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13


Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11


111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50


Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41


Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29


Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22


Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18


Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47


Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.