Thanks to the Unitymedia Expansion in Bochum I have a Gigabit connection for quite some time now. Unfortunately the previous router had some problems with it. Also the function of the router was not according to what I would like to see for myself.

Now there is the UM Gbit connection with a Fritzbox Cable 6591, in itself sufficient and a great device. But I don't like Provider Routers very much, often in the past I had the problem that after a provider initiated update the config was on default again or settings were changed " miraculously". Especially when working with VLAN Separation it is very annoying.

The good thing about the Fritzbox Cable is the bridge mode, the device then functions almost as a "stupid" modem behind is a pfSense.

However, this was not so easy to find a machine which works very power efficient (10W max) and has enough performance to route the Gbit connection with some firewall rules with no big speed loss.

In the end I decided to go for the mini-PC: ZOTAC ZBOX CI327 nano. Equipped with a Quad-Core Celeron N3450, the PC is capable of AES-NI and offers 2x1Gbit LAN connections. The whole thing passively cooled at idle 6W and under load on average at 10W.

It runs pfSense 2.4.4 with pfBlocker_NG and unbound on the AdGuard DNS service via DNS over TLS.

pfsense zotac zbox nano

The throughput is without QoS at about 880 Mbit which is ok. I use a FQ_CODEL QoS queue even if this would not be necessary for the speed. With full QoS to 800/40 and pfBlockNG DNSBL and IP lists the throughput is still around 750 Mbit.

Speedtest Unitymedia Gigabit Bochum mit CODEL QOS

The only thing I'm currently bothering is the Fritzbox, I'd rather have a pure modem. There seems to be one or the other problem with the bridge setting. For example, if I send many packets with high throughput, the bridge seems to drop packets at some point. I have to test if this happens with a DMZ config without bridge.

✉ Marco Götze//