Chinese mini PC J1900 + 4 Intel NIC

Hi,

it does work, but make sure the version you purchase has intel nics not realtek or intel 219v.

I have one and was using it, but found the GUI too slow (I do a lot of changing while testing), but suspect that is a bug which will be fixed in mr3 due for release shortly.

Ian

Thanks for your reply. I will indeed make sure it is Intel NICs in that little box for sure.

Can you please give me your Internet line speed and approximate number of devices behind the XG, what services you use and what speeds are you able to achieve?

Maybe what is the CPU utilization during peak hours ?

Hi,

before I swapped the box out I was running 50/20, 13 rues, 28 clienteles users, about 20 active, IPv6 and IP4. IPS, application and web rules. I use mail scanning (IMAPS), https and http, have rules for NTP blocking specific sites and countries. I have an AP55 with 4 SSIDs.

i was able to achieve the 50/20 using speed tests and download of apple updates. I currently have a 100/40 but not tried the service with the little box.

CPU was about 10%, but went way over 30% during configuration processes and was very slow in performing updates, waiting for mr3 before putting the little box back online

Ian

Thanks again. That helped me a lot in terms of performance. I now know I will be absolutely fine with only a dozen devices in any case.

BTW, do you use the quotom box or the cheaper unbranded one (in the original topic link) ?

Hi Pavol.

I use the cheaper aliexpress box because it came with slightly higher performance and 4 intel NICs where as the qotom one had the wrong NICs.

Ian

refreshed my info on  your choice and it appears to be different to the one I was looking at, seems slightly newer.

Speaking of UTM to XG - I have read a lot of forums but never found this hot topic:

Is there any way to at least partially migrate the configuration from UTM to XG?

I have some 50-ish firewall rules, some 30-ish forwarding rules, some DHCP static mappings, many hosts, many services defined.

It would take me few days to manually configure all these in the XG.

There was a trial beta version issued to some commercial customers, but I don't think it is available for home users.

You seem to have a rather if not excessive number of firewall rules and port forwarding. What do you mean by port forwarding, incoming traffic to a server?

Ian

With port forwarding I mean Static NAT rules, or if you wish - virtual server.

Nevertheless, I am now playing with SFOS in a VM trying to manually configure things up front, but what I experience is a very very user unfriendlyness all around.

For example, I have to define a DHCP static mapping and then a network IP Host. in SG you do it with one shot.

And there is more of strange things.

I was also reading some forums where people explain in detail what bugs they came thru and ended up with using SG without any hassle.

So for now, I will re-think my move to XG and stay with what I have.

Maybe I will purchase this box and migrate my UTM 9.5 to it, as it will be fanless and more power saving and more powerful.

Thanks for you responses.

I will come back here as soon as I have any news in this.

One item I have noticed since moving back to the E3 is the load has dropped. On the J1900 the load was in the high 2 low 3 now with the E3 the load sits around 2.

Ian

One item I have noticed since moving back to the E3 is the load has dropped. On the J1900 the load was in the high 2 low 3 now with the E3 the load sits around 2.

Ian

I have noticed some differences in the throughput (depending the active features) today; don´t know if this could / will be really such a significant difference:

UTM Throughput Performance

CPU:                                     Intel Celeron G1820

WebProtection:               No

AV Proxy:                            No

Throughput:                      230MBit/s

WebProtection:               Yes

AV Double Scan:               Yes

Throughput:                      212MBit/s

Difference                          92,17%

----------

CPU:                                     Intel Celeron J1900

WebProtection:               No

AV Proxy:                            No

Throughput:                      155MBit/s                         

WebProtection:               Yes

AV Double Scan:               Yes

Throughput:                      148MBit/s                          278Mbit/s (2 Threads)

Difference:                        95,48%

For testing I used single threaded downloads (speed test tools); if I was using two threads (different sites). The throuput was like in the "2 Threads" - Statement.

What do you see in the IPS tab of the GUI during your testing?

Ian

In the live log file for ips?

2019:04:03-21:04:37 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1048740 bytes (client queue). 192.168.4.103 57995 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
2019:04:03-21:04:37 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1048780 bytes (client queue). 192.168.4.103 57997 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
2019:04:03-21:04:38 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1048660 bytes (client queue). 192.168.4.103 57993 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
2019:04:03-21:06:36 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1051540 bytes (client queue). 192.168.4.103 58028 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
2019:04:03-21:06:36 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1051300 bytes (client queue). 192.168.4.103 58026 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
2019:04:03-21:06:36 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1056760 bytes (client queue). 192.168.4.103 58030 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
2019:04:03-21:06:39 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1067000 bytes (client queue). 192.168.4.103 58036 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007

in the shell i tried to increase the queue length but same result:

cc set ips queue_length 8192

the cpu usage while downloading with above speeds is very low: <15%

So deactivating IPS completelly eliminates the bottleneck of both firewalls; same for a SG115 device:

IPS on, WP / AV Proxy on = 109MBit/s

IPS off, WP / AV Proxy off = 295MBit/s (300mbit/s connection)

for that SP115 device this is like that what the official whitepaper says about the performance.

But what about I am a little bit confused is the CPU load which is on all devices (with activated IPS, WP, AV) very low?? The SG115 was round about 50% on ~100MBit/s.

Where exactly is the bottleneck? I thought this depends on the cpu ability and load?

sorry for that offtopic talking, but the j1900 device is also a chinese device and I am comparing some devices (SG210, SG115, SG125, ChineseBox J1900, AMD GX-415 GA, etc)