On 12/30/2010 04:34 AM, Eero Volotinen wrote: > 2010/12/30 Steve Clark <sclark at netwolves.com>: >> On 12/29/2010 01:23 AM, Nataraj wrote: >> >> On 12/28/2010 09:04 PM, Eero Volotinen wrote: >> >> >> 2010/12/29 John R Pierce <pierce at hogranch.com>: >> >> >> On 12/28/10 1:55 PM, Nataraj wrote: >> >> >> - fast enough to do openvpn encryption on WAN links ranging from 50mb >> to 100mb >> >> >> THAT is a tough requirement. >> >> >> I was going to recommend the Alix boards. they run pfSense really >> nicely, and should be able to run a stripped down centos install OK. >> with pfSense, you can boot from a CF card, so no HD at all. >> >> The Alix cards use a 433-500Mhz AMD Geode ultra-low power processor, on >> a 6x6 card. they use 5 watts fully configured. >> >> but, 100Mbit/sec SSL encryption, ouch. don't know. you'd probably >> have to benchmark that. >> >> >> you need hardware encryption hardware or core2duo like processor .. >> >> -- >> Eero >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos >> >> >> Then the Mac mini might be what I need performancewise. I am also >> considering Dell R210's as I would really like an enterprise solution. >> Anyone have any experience with Habey? >> http://www.habeyusa.com/products.php?id=125#Menu=ChildMenu124 They have >> a wide selection of barebones Intel Atoms, including the 1.8Ghz Intel >> D525's as well as Pentium 4's with broadcom ethernets and systems with >> up to 6 ethernets. My sense is that I will still use some of these >> systems for firewall and management functions (i.e. firewalling Dell >> IDRAC6 cards) even if the encryption for the vpn has to run on a faster >> box. 50MB would probably be adequate. >> >> Thank you all for your responses. >> >> Nataraj >> >> >> Hi, >> >> We use the following. It has hardware encryption in the EDEN Via processor. >> We were able to get 22 mbits across an ipsec tunnel using AES encryption. >> This more than enough unless you have a DS3 circuit. >> >> http://www.acrosser.com/products/detail_id_427.html > IE only website :( > > So, you are using padlock hw encryption on device? > > -- > Eero > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos I see now that there is fairly extensive support available for padlock encryption. http://www.logix.cz/michal/devel/padlock/ http://www.logix.cz/michal/doc/article.xp/padlock-en These pages are a bit old, but it appears that support for md5, sha1 and sha256 are in the mainline linux kernel. Openvpn has a -engine option for invoking padlock support in openssl. So I expect that I will order at least one of these boxes for testing purposes and probably another box with a somewhat faster processor for comparison. Thanks, Nataraj