Minimum hardware requirement for VPN usage
-
Hello,
I need the minimum requirement to run a VPN as a client in PfSense, I need to use a couple of VMs or machines, but no heavy traffic.
The reason why I'm asking is due to this issue https://forum.netgate.com/topic/175678/openvpn-puts-down-internet-traffic/3 , and I already have spent too much money on my initial box :D .
At the end though, I may have found the solution, I'm just not sure if it's a suggested approach due to manual NAT required etc... It may complicate the entire setup... -
@jt40 what speed internet? How fast do you need/want your VPN to be?
OVPN uses a single-core so you'll want as high-a-speed CPU as possible.
-
@rcoleman-netgate said in Minimum hardware requirement for VPN usage:
@jt40 what speed internet? How fast do you need/want your VPN to be?
OVPN uses a single-core so you'll want as high-a-speed CPU as possible.
I don't think I'll ever need more than 64 Mbit/s for a long period of time...
But how much would it change if I ever need 300 Mbit for example? Not easy to achieve with a VPN, but with a custom VPN probably is duable without spending too much money (on server side too). -
@jt40 said in Minimum hardware requirement for VPN usage:
I don't think I'll ever need more than 64 Mbit/s for a long period of time...
I used to think the same thing when I had a 150 Mb connection. Then my ISP/cable company offered me a package for IPTV and I found myself with a 500/20 connection that actually delivers better than 900 Mb down. Even at that, when running speedtest, the CPU is only at a few percent, using the hardware described in my sig. I expect my VPN performance will be fine, though I haven't used it much since COVID.
-
@jknott said in Minimum hardware requirement for VPN usage:
@jt40 said in Minimum hardware requirement for VPN usage:
I don't think I'll ever need more than 64 Mbit/s for a long period of time...
I used to think the same thing when I had a 150 Mb connection. Then my ISP/cable company offered me a package for IPTV and I found myself with a 500/20 connection that actually delivers better than 900 Mb down. Even at that, when running speedtest, the CPU is only at a few percent, using the hardware described in my sig. I expect my VPN performance will be fine, though I haven't used it much since COVID.
It depends which I5 :) , can you tell me more?
-
@jt40 said in Minimum hardware requirement for VPN usage:
It depends which I5 :) , can you tell me more?
Here's what the dashboard says:
Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Current: 2300 MHz, Max: 2301 MHz
4 CPUs: 1 package(s) x 2 core(s) x 2 hardware threads
AES-NI CPU Crypto: Yes (active)
QAT Crypto: No -
@jknott said in Minimum hardware requirement for VPN usage:
QAT Crypto: No
Does your CPU not support it, or might that be off from years past? I recently found a Netgate SG-4860 where it was off after many upgrades because the setting had been set to AES-NI.
(for @JT40, I believe OpenVPN doesn't use QAT just AES-NI)
-
My understanding is that OpenVPN uses AES-NI. I don't know anything about QAT.
-
@jknott said in Minimum hardware requirement for VPN usage:
@jt40 said in Minimum hardware requirement for VPN usage:
It depends which I5 :) , can you tell me more?
Here's what the dashboard says:
Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Current: 2300 MHz, Max: 2301 MHz
4 CPUs: 1 package(s) x 2 core(s) x 2 hardware threads
AES-NI CPU Crypto: Yes (active)
QAT Crypto: NoThen it seems that I can purchase even a lower power box for this task, good stuff, thank you.
-
OpenVPN with DCO can use QAT if the hardware is supported.
