On Tue, Oct 15, 2013 at 2:31 PM, Steve Clark sclark@netwolves.com wrote:
Hi,
we are running 51 ipsec vpns on an Atom D510 at 1.66ghz and the load average is .07.
@Steve: Based on your statement, I figure you do not have a crypto accelerator and the CPU is handling all the crypto. Correct?
@Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine.
AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though.
[0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3
HTH, Steve
On 10/15/2013 02:13 PM, Terre Porter wrote:
I've not worked with Atom processors but I'll look in to it.
Thanks for the info.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On
Behalf
Of SilverTip257 Sent: Tuesday, October 15, 2013 12:36 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter <
tporter@webpage-builders.com
wrote: I've given up on getting the other machine to work so I'm looking at building a new one.
The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients).
I read so much about VPN encryption and the processor needs, now I am unsure if this will work.
You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web.
I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W
Eight-Core
Desktop Processor for under $120 (it's on sale), would it work ?
Seems like overkill to me.
I'd suggest more along the lines of an Atom-CPU based system. One of
those
mini-ITX setups that use 20W or thereabouts.
Just my two cents.
Any thoughts?
Thanks, Terre
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.clark@netwolves.com http://www.netwolves.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, 2013-10-15 at 18:05 -0400, SilverTip257 wrote:
@Steve: Based on your statement, I figure you do not have a crypto accelerator and the CPU is handling all the crypto. Correct?
@Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine.
AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though.
[0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3
You should look at the single board computers sold by Soekris Engineering.
Specifically the net6501 series:
http://soekris.com/products/net6501.html
Specifications:
• 600 Mhz to 1.6 Ghz Intel Atom E6xx single chip processor with EG20T companion chip • 512 to 2048 Mbyte DDR2-SDRAM, soldered on board • 2x SATA 3 Gbit interfaces with +5V and +12V power header • 4x Intel 82574L Gigabit Ethernet ports, Auto-MDIX RJ-45, protected to 700W/40A Surge • 2x Serial ports, DB9 and 10 pins internal header • USB 2.0 interface, 2x internal, 1x external port, bootable • 1 Full Mini-PCI Express shared with mSATA socket. • 1 USB only Mini-PCI Express shared with mSATA socket • 2x PCI Express Slots, right angle • 16 bit general purpose I/O, 24 pins header, connected to FPGA
...in either a tiny or a rackable box.
The number of lan slots can be increased above 4 by using expansion cards.
Steve
Interesting looking hardware... thanks for the info
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of S.Tindall Sent: Tuesday, October 15, 2013 8:29 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, 2013-10-15 at 18:05 -0400, SilverTip257 wrote:
@Steve: Based on your statement, I figure you do not have a crypto accelerator and the CPU is handling all the crypto. Correct?
@Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine.
AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though.
[0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3
You should look at the single board computers sold by Soekris Engineering.
Specifically the net6501 series:
http://soekris.com/products/net6501.html
Specifications:
• 600 Mhz to 1.6 Ghz Intel Atom E6xx single chip processor with EG20T companion chip • 512 to 2048 Mbyte DDR2-SDRAM, soldered on board • 2x SATA 3 Gbit interfaces with +5V and +12V power header • 4x Intel 82574L Gigabit Ethernet ports, Auto-MDIX RJ-45, protected to 700W/40A Surge • 2x Serial ports, DB9 and 10 pins internal header • USB 2.0 interface, 2x internal, 1x external port, bootable • 1 Full Mini-PCI Express shared with mSATA socket. • 1 USB only Mini-PCI Express shared with mSATA socket • 2x PCI Express Slots, right angle • 16 bit general purpose I/O, 24 pins header, connected to FPGA
...in either a tiny or a rackable box.
The number of lan slots can be increased above 4 by using expansion cards.
Steve
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I have must have been in a hardware vacuum, have a clue any of that hardware you mentioned.
Added it to the research list - haha!
Thanks
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of SilverTip257 Sent: Tuesday, October 15, 2013 6:05 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, Oct 15, 2013 at 2:31 PM, Steve Clark sclark@netwolves.com wrote:
Hi,
we are running 51 ipsec vpns on an Atom D510 at 1.66ghz and the load average is .07.
@Steve: Based on your statement, I figure you do not have a crypto accelerator and the CPU is handling all the crypto. Correct?
@Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine.
AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though.
[0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3
HTH, Steve
On 10/15/2013 02:13 PM, Terre Porter wrote:
I've not worked with Atom processors but I'll look in to it.
Thanks for the info.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On
Behalf
Of SilverTip257 Sent: Tuesday, October 15, 2013 12:36 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter <
tporter@webpage-builders.com
wrote: I've given up on getting the other machine to work so I'm looking at building a new one.
The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients).
I read so much about VPN encryption and the processor needs, now I am unsure if this will work.
You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web.
I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W
Eight-Core
Desktop Processor for under $120 (it's on sale), would it work ?
Seems like overkill to me.
I'd suggest more along the lines of an Atom-CPU based system. One of
those
mini-ITX setups that use 20W or thereabouts.
Just my two cents.
Any thoughts?
Thanks, Terre
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.clark@netwolves.com http://www.netwolves.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- ---~~.~~--- Mike // SilverTip257 // _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On 10/15/2013 3:05 PM, SilverTip257 wrote:
I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine.
I think the Atoms pretty much beat the living daylights out of the C7 stuff, which were based on an architecture many generations old. some of the core I3/i5 laptop chips are very low power, too, and nearly as powerful as modern 2-4 core desktop processors.. the current 'Pentiums' are somewhere in between the Atom and the low end of the Core line.
On 10/15/2013 06:05 PM, SilverTip257 wrote:
On Tue, Oct 15, 2013 at 2:31 PM, Steve Clark sclark@netwolves.com wrote:
Hi,
we are running 51 ipsec vpns on an Atom D510 at 1.66ghz and the load average is .07.
@Steve: Based on your statement, I figure you do not have a crypto accelerator and
That is correct - we do you AES which is an easier calculation than 3DES
the CPU is handling all the crypto. Correct?
@Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine.
AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though.
[0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3
HTH, Steve
On 10/15/2013 02:13 PM, Terre Porter wrote:
I've not worked with Atom processors but I'll look in to it.
Thanks for the info.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On
Behalf
Of SilverTip257 Sent: Tuesday, October 15, 2013 12:36 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter <
tporter@webpage-builders.com
wrote: I've given up on getting the other machine to work so I'm looking at building a new one.
The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients).
I read so much about VPN encryption and the processor needs, now I am unsure if this will work.
You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web.
I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W
Eight-Core
Desktop Processor for under $120 (it's on sale), would it work ?
Seems like overkill to me.
I'd suggest more along the lines of an Atom-CPU based system. One of
those
mini-ITX setups that use 20W or thereabouts.
Just my two cents.
Any thoughts?
Thanks, Terre
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.clark@netwolves.com http://www.netwolves.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
John R Pierce -
S.Tindall -
SilverTip257 -
Steve Clark -
Terre Porter