Optimal Router Hardware

I guess it depends if you're running a pure firewall only with NAT or with a lot of other feats. That can consume a bit more.
That's correct. I have all of my FreeBSD (based) boxes set up as a standby firewall/router regardless of what their primary function is with carp(4), pf, et al. It's trivial to set up a standby firewall/router or have a server double as a standby firewall/router.

You could call FreeBSD a RAIF/G/R: redundant array of independent (or inexpensive) firewalls, gateways or routers. :cool:

It's one of the most fundamental functions of FreeBSD that works exceptionally well. The same thing can be done with OPNsense and pfSense as they're both FreeBSD based.
 
There was no way that FreeBSD could complete the task I assigned it! The maximum speed I achieved was 1 gigabyte, although I was just as intent on 2 gigabytes of speed as you were.
Having multi-Gigabit speeds means that you need either a >1 Gbps NIC, or need to bond multiple 1 Gbps NICs. Some cable modems allow for bonding multiple 1 Gbps NICs, but fiber is usually fiber to the SFP or, less likely, an NBASE-T/10GBASE-T Ethernet handoff.

In the US I know Google Fiber (if you can get it) and Comcast are going with 2 and 1.2 Gbps respectively, but others like Verizon, AT&T, Spectrum, Cox are still at 1 Gbps max (if you can even get it). In Canada, Bell, Telus, and Shaw have 1.5 Gbps tiers, but others like Rogers, Cogeco, TekSavvy, etc. are still at 1 Gbps. In many European and Asian countries with more prevalent FTTH, there are multi-Gigabit FTTH speeds, but there are many countries in Europe/Asia with different ISPs. For instance, in Sweden or Japan 10 Gbps is widely available but in the UK or India, Gigabit FTTH is still a pipe dream for most.
 
It seems you already have plenty of answers, but I'll add my experience to it. I've been using FreeBSD-based router/firewall boxes since I first had broadband, back in 2002. For a 100MBit connection I used a Pentium 2 300MHz, that also doubled as a NAS.
Nowadays I use an i3-4160 (Haswell era) on a Supermicro ITX board (server Intel NICs), which is also an ESXi box that runs a dozen VMs. CPU usage is next to nothing since I stopped running an ELK stack.

So yes, pretty much any modern x64 hardware will do. I'd concentrate on the NICs you want, either onboard or discrete. Make sure your motherboard has enough PCIe lanes on all the ports you want to use. That's basically only important if they need more than 4 though.

Btw, you have a few firewall options to do this. My previous box used pf, nowadays I use IPFW. Not sure if there's much difference in CPU load.
 