after buying a 10TB wd red disk and creating a Turris NAS, I was checking throughput and things did not seem to be right.
As based on the spec this HDD drive speed should be about 200MB/s, which is awesome, close to (half of) the speed of an SSD. But of course in a gigabit network one can get only 125MB/s, but I could only get around 50-80MB/s, I realized that the culprit was cpu usage, i uninstalled pakon and device detection, and stopped surricata, because cpu usage was at 100%, after stopping it, the speed went up to 114MB/s with around 20% cpu usage. Is there anything that could prevent it to go to 125MB/s?
But I would rather have these plugins to work normally, is there a way to confiugre surricata to skip NFS usage to keep cpu usage low? How can I do it?
Another test I did was to test the other bottleneck, the HDD locally from router using dd, writing 1GB zeroes into a file I got 130MB/s speed with 10GB file it was 160MB, still quite far away from 220MB/s that I could see testing in a video, it went to 220 and falled back slowly and stabilized at 190MB/s.
What could be the reason that I can only get so low values? Is it because of BTRFS?
The disk is only used around 20%, 2TB out of 10TB.
There is some overhead so getting 114MB/s is pretty much best you can get over 1GBE. Only option to get more might be to use bonding of both CPU-ports (eth1 and eth2) but unfortunately I never succeded in that (see some other threads for this) so I gave up on TO as NAS…
I think this is really of topic. But to answer to your question:
I didn’t want to insult our beloved TO, but, yes, it is far from being a decent NAS. It’s for those not wanting to invest in dedicated hardware. And therefore it’s fine, so don’t get me wrong.
But the time of 1GBE network connections being fast was somewhen in the 2000s, affordable 10GBE network hardware is available since 5+ years as well as PCIe-SSDs running at r/w-speeds of 1000+MiB/s are. So, yes, 110MiB/s might not be slow if you haven’t encountered 1000MiB/s - which is acceptable fast.
I agree. Btw I chose Turris as my NAS for the silent and passive cooling possibility, which is a kind of unique, although I get now 82,7 C temp., which could be a bit worrying. I guess it was only around 60C.
Also I wonder why do we have SFP in Turris if we cannot use 10GBit modul in it. Reading through some formus Turris only support around 2Gbit in it, but that was also not really possible to be used by anyone, so what is the use then, while it also means extra cost in its price?
Btw the idea of bonding sounds good, that you mentioned, I will read into it. Does it mean i would also need a another NIC in my PC, so 2 cables between PC and the router? currently I only have one. Sorry to hear you have not managed to get that working either. What was the showstopper?
I am still wating for some idea how to limit suricata to ignore NFS/NAS traffic without sacrificing much security, or even it is possible?
For silence i slightly disagree - if you build your own NAS, it can be really silent. Not zero noise, but close to (even with AMD epyc + 128GB RAM + xTB SSD + decoupled HDD + several 10GBE NICs) @SFP (not SFP+, only SFP+ is capable of 10GBE!): In the end it’s the CPU which is only providing 1GBE, so there’s no use in trying speeds beyond that. There’s no extra cost, TO is based on compex board utilizing this cage, which you have simply to take as a “package” including a SFP-slot (which is really interesting criteria, if you can use it to get rid of a ISP’s SFP-modem. Don’t know if there’s a single ISP out there providing 2,5GB fibre via SFP so I deem this 2,5GB as marketing measure only.) @bonding/ link aggregation: have a look here. I’d really appreciate more thoughts on this topic, but you will definitely need a second NIC on your PC or a newer NIC (at least 2,5/5GBE) + network switch with at least one 2,5/5GBE port inbetween; second option is much more handy. And make sure to have a snapshot done before playing with those entries
IIRC the Omnia CPU provides three 2.5Gb (maybe I did confuse it and they’re 1Gb), but the HW might be too slow for you anyway in case you aim so high. I’d say 10Gb LAN is still many times more expensive than 1Gb but yes, it is kind of affordable even for SOHO if you really want it.
