What options for 10gbps routing throughput?

So I am getting dedicated 10gb internet at my house in the next couple of weeks and looking for a router that can handle that. Right now I have UniFi equipment and while Id love to stay with that, they just don’t have a router that can handle the speed. I have an older opnsense router PC I used before my UniFi stuff, but it only has a 7600K quad core in it and from my research, it appears I need a minimum of 8 cores, 16 preferable, for 10gb routing. While core speed does come into the equation, cores seem to be vastly preferred to MHz speed.

Right now it appears there is really only this Mikrotik model:

or I could upgrade the opnsense PC and buy a new MB and CPU to get the processing speed I need, but that would be roughly the same cost as the Mikrotik’s and Id prefer a rackmount solution and lower power use than a desktop processor.

But are there any other options for the same price or cheaper than those Mikrotiks?
I do need an SFP+ port on it for the WAN, but that is normally a standard feature in these types of routers so is hardly something to really look out for.

1 Like

7600K should be fine. 40Gbit routing takes 16% of a 6-core Zen3 Ryzen : 25 Gigabit Linux internet router PC build (2021) - Michael Stapelberg

3 Likes

If you want a balls to the wall setup Wendell did a video on this:

1 Like

I can route at 10Gb/s in PFSENSE with my Pentium Gold G5500 and 8GB of RAM, with a Mellanox ConnectX-3

I think you’d be fine with the 7600K

2 Likes

Are we talking pure routing or are we talking NAT, complex firewall rules VPN endpoint and some connection sniffing?

1 Like

Anyway, the 7600k should be fine for nat at 10Gb and some medium firewall chains, wireguard performance should be in the gigabits/s, the high single core clock helps with OpenVPN/IPsec …
I would add a dual 10gb card to your setup, and test… that would be the path of least initial expenditure.
make sure you choose a well supported 10Gb card (Intel, mellanox)

2 Likes

Like many others here I think it’s probably fine to go with your current CPU.
However, one thing to consider is that not only the total bandwidth is what counts. A lot of computers can saturate their links if they’re given large enough packets to work with. But if you want a competent 10G router, you should be able to run at “small-packet line-rate”, which should be ~15M packets/s assuming 64byte packages, including the needed routing/packet manipulation(firewall).
That can be really demanding, but is probably unnecessary for your use case, so make sure to run some tests(both synthetic and real-world if possible).
Keep in mind that your ISPs equipment might be the bottleneck still.

2 Likes

The listed idle power consumption for that mikrotik is 60w , 80w when using all 10gb links and ports …
That will be in the upper range of your 7600k, I think…
As opposed to switching, where the Asics have started going down in power draw for 10gb switching, routing and especially packet filtering is still CPU bound, so there’s no escaping a relatively high power draw when pushing packets, newer architectures will idle at lower power, but boost at the same max levels when needed

My setup (vyos forbidden router with truenas scale as hypervisor, an old six core xeon E5-1650 v2 @ 3.50GHz , 64gb of ecc ram, three drives, Intel 10gbit DA2 two nvmes, two data SSD) draws 50 watts at idle, 85 under load … Can packet filter at 8/9 gigabit/s and route at line rate speed…

1 Like

NAT, IPS, some firewall rules and forwarding, a static route or two.

I guess Ill get the old rig up and running again and do some routing tests on it and see what it comes up with. If it turns out not to be powerful enough I can always upgrade or look into other options then.

1 Like