
I'll be getting 4Gbps fiber next week (coming from 800Mbps Ziggo cable) and need some advice on what I need to upgrade in my home network to not have (m)any bottlenecks. All cables in my house are Cat5e now so I have some upgrading to do 🙂. Did my best to create a network diagram (see below). It's not the whole network with all devices, but the main elements are there.

If you open the image in a different tab, you can probably see more details :)

My main question: what to buy as a gateway (Box 14 replacement)?

After reading Vrije Modemkeuze, Eigen Modem and Eigen apparatuur I have some questions left about choosing my own gateway and what works with KPN fiber, specifically about the hardware to choose for my needs.

ONT

I don't see a reason to replace the ONT. I was a bit surprised that it didn't have an SFP+ port but only RJ45, but as long as that is not a bottleneck I don't see why I would replace that. I assume this will use XGSPON, but since I don't have KPN until next week, I can't log in to the servicetool yet to check.

New Gateway/Router specs

I'd want something more advanced than the KPN Box 14: a more advanced Firewall, VPN, VLAN, Parental controls, DNS, DHCP (maybe replace the Pi-Hole), IDS/IPS. And it needs at least 2x 10GbE ports (a WAN and a LAN).

I would connect this directly to my switch, but optionally, this new gateway could take over the function of the Switch as well, in that case it would need to have 6x 2.5GbE PoE+ ports (in addition to the 2 10GbE ports).

Are there any specific (hardware or software) specs that I need to consider to make it work with KPN fiber?

(I specifically do not need VoIP, IPTV, Multi-WAN, hard drives, port forwarding or Wifi capabilities.)

Probably good to know is that I don't have a server rack space available, just a small closet near the front door with probably 20x20x30cm, so probably no room for a dream machine or similar.

Bridge mode/Double NAT?

If my info is correct, the Box 14 cannot be placed in Bridge mode. Adding an additional gateway would create double NAT which seems like something I should avoid, leading me to think I need to remove the Box 14 from the network altogether. Not sure if the double NAT is big enough a problem to go through the hassle of setting up PPPoE myself?

Some concrete hardware options

I was first thinking of the UCG-Ultra to complement the UniFi switches but (weirdly?) those are limited to only 1GbE LAN ports. Not ideal to have that as a chokepoint at the beginning of my network.

A good alternative could also be the Firewalla Gold Pro, but that A) doesn't come out until the end of the year and B) is 8x more expensive than the UCG-Ultra.

Netgate 6100 + pfSense seems to fit the specs. Mikrotik RB5009 is missing a 10GbE port, the Mikrotik CCR2004 is too big.

Are there any other decent pre-built devices out there or is my only option to go the custom/homebrew route with something like a NUC running pfsense/opnsense/openwrt/... ?

Thanks for reading this far down and for any comments! 🙏
 

PS: if you have any suggestions for removing any other (potential) chokepoints/inefficiencies from my network: happy to hear them! :)

I’ve got the Ubiquiti Dream Machine Pro Max.  Download works well, upload currently limited to 1Gbps but I believe this is a KPN issue.

You connected the fiber directly to the UDM Pro Max and got 4Gbit/s download speeds? I wasn’t aware that the UDM Pro Max is capable of offloading PPPoE to hardware. Can anyone confirm, because I might need to update my hardware in that case :-)  

Hi. It is possible but the PPPoE isn’t handled well on Ubiquiti. Biggest problem I have is that even with the Fritzbox they sent, I’m unable to achieve speeds close to 4Gbps. I can barely get 1Gbps up.


The problem is the legacy PPPoE KPN uses. If you want to get 4 gbps with OPNsense (or any *BSD) you need a fast CPU or something that acts like the ASIC the Box 14 uses to accelerate PPPoE, though with the new OPNsense 24.7 that runs FreeBSD 14.1 this seems less the case. I use a Minisforum MS-01 i5 version with OPNsense in Proxmox using SR-IOV interfaces. This is not cheap, maintenance friendly or power efficient for just a router. It is really fast though.

I do also have a Qotom Q20331g9 with C3758R but it has been too slow for 4 Gbps single download speeds. With OpenWRT in a VM I could enable more cores and could get full speed using multiple connections, but with OPNsense 24.1 I didn't manage to get it to work at full speed. With the MS-01 I can get 4 gbps using a single HTTPS download. I just use an 80 meter SFP+ copper module for now I got off Aliexpress to connect to the Nokia ONT. The cheaper 30 meter one did not work well and got really hot. The Genexis ONT was also problematic at the start. I did have problems with my QNAP switch, I had to replace it with a Mikrotik.

I can now get the full 4/4 gbps at “off-peak” times, and more like 4/1.5-2 gbps at “peak” times. This probably is a bandwidth limitation of KPN. It's not that I really need 4 Gbps anyway… though it is really nice. fast.com speedtests do ~5.5 GBps with bursts to 7 GBps. the speedtest.net just does 4 GBps.

If someone knows of an affordable plug-and-play solution that requires a bit less maintenance, and gets full speed and has a good amount of features let me know.


Thank you Bastian for your excellent post, very useful information for me personally. I’ll try the same next week. Just one question though, wasn’t it possible to connect the fiber directly in the MS-01? Did you try this?


I did not try this yet, it requires a fiber optic module/cable and some settings at KPN. But since a Nokia ONT was connected I had no problems, and the modules cost like €275. But I saw there now is a module for €130 so I might try that.


Thanks, I ordered the ‘Zaram XGS-PON ONU SFP+’ and I’ll try it the next week and report back once I know more. 




@Cybex  how did the Zaram work out for you?

@TDN did the Hisense work with 4Gbps speeds?


@gxjansen Honestly, I haven't tested it yet—I'm swamped with other projects. But it's on my mental to-do list, so I'll circle back and give it a whirl when things calm down.

