Openvpn bsdcrypto acceleration
-
It should do the Via probably has the Padlock encryption engine built in. But like I say above numbers aren't everything. ;)
Steve
-
How are you testing throughput?
-
A ridiculous long chain of machines! :D
An OpenVPN connection between two machines, the box I'm testing and one that's much more powerful to guarantee it's not slowing things down. I establish the VPN and then run iperf using the powerful end as the server and a laptop behind the test box as a client.
I saw ~25Mbps with various encryption types with the card but ~33Mbps once I removed it.Steve
-
two machines on the same router, but different interfaces?
-
Yes as it happens they are connected via separate interfaces on my home router. They could just as easily have been connected directly though.
Steve
-
Thanks for the info. I'll try it out and see what results I get. What setup do you like for the best bang for your buck for SMB users. 10 or less users.
-
I did your test with openvpn and iperf on seperate interfaces. I got around 70 Mbits/sec. Far better than what the openssl test showed. weird stuff. thanks for your help. Both the server and client were running in VM's so that may have slowed it down a bit too, not sure. I will try with standalone machines next.
-
Ah well there you go. :)
About twice as fast as my Pentium 3 era Celeron 1200.
I was running 'top' on the console of the test box to make sure it was running at 100%, it could not pass more traffic. Also I tested the connection outside the VPN to make sure I wasn't being restricted by something else in the route. However if that's possible you have top be sure that the test traffic is actually using the VPN! ;) I did that by using the WAN interface on the remote box to test the route and the LAN to test the VPN. The LAN address is only accessible over the VPN.Steve
-
ill try the lan/wan test next. I tried it where I had the client and server on different lan interfaces that couldn't talk to each other except for vpn. when i disconnected the vpn, and tried without it on the same lan, i got 250Mb. Is that normal for a gig interface? maybe the VM was limiting it some? They were on the same switch.
-
I would expect more from an Atom with Gigabit interfaces. Something >500Mbps.
It's not clear exactly how you had the test setup connected. If that's between two VMs connected to the same switch I would expect near Gigabit results, the traffic would not be going through the pfSense box at all.It's very easy to overlook something and end up testing the wrong thing in these sorts of test.
Steve
