Thanks you kind sir
No worries.
For everyone else, a little update as promised. My tiny little aluminium APU2C4 SoC box arrived preloaded with IPFire. The German company I got it from will also preload OPNsense or pfSense on request, but despite its slightly less flashy UI I always find IPFire (being Linux based with a hardened kernel) has better responsiveness and throughput.
We now have SH3 in modem mode > APU/IPFIRE > Ubiquiti AP AC PRO. We don't have any wired clients at present due to redecorating etc, but I'll eventually make it SH3 > APU > switch | AP.
I have to say I'm impressed! It's a very small and sexy little box, which I specced in firewall red for the lulz. It arrived with a nice deep matte-red brushed aluminium finish (I was expecting bright, cheap paint) and it boots from cold to fully working in seconds. I was worried about it only having an SD card (there's room for an SSD if you want) but in reality I don't run Squid and it isn't an issue.
The Ubiquiti AP AC PRO is serving our dozen or so devices effortlessly, with all capable units syncing at or over 1Gbps on AC wifi, which is impressive. There are no dead spots in the house, and the signal strength is fantastic. Being able to download at 200Mbps over wifi on the opposite side of the house (and upstairs to boot) is great!
Back to the APU/IPFire box, which is handling the 200/20 WAN without noticing: I have the latest Core 107 release of IPFire, with SNORT and Guardian running; and whether it's HTTP, FTP, Usenet or torrents it's maxing the line and barely breaking a sweat. I just did a little wifi test (upstairs, and on the opposite side of the house to the firewall and AP) by grabbing first a Usenet download with 10 connections and then an Ubuntu torrent, which is always well seeded and fast. Both tests quickly jumped between 22 - 24MB/sec and stayed there, which in my eyes is a phenomenal improvement for a wifi connection as far away from the AP as you can get!
During both download tests the APU remained just under 20% memory usage (that's the SNORT rules behind held in RAM, usage didn't increase when downloading), and the CPU went from 99% idle to 88% idle and stayed there until the download finished. This thing would easily handle a much faster line, that's for sure. We've had zero issues with lag, and even with five of us streaming, browsing and downloading at the same time throughout the day it's just been absolutely seamless.
It's a night and day improvement over the SH3 in router mode, so mission accomplished. It also has AES-NI, so I can play around with bridging a couple of our paid-for VPNs when I get chance. In summary, it's a bargain really. Combined with the Ubiquiti AP AC PRO it's transformed our LAN and internet connection beyond recognition. Highly recommended!
