no AES on ZFS
-
Hello
I've noticed that AES on ZFS always inactive.
No matter what I do..
Could anyone tell me why?
Thanks!
-
@dealornodeal
System -> Advanced -> Miscellaneous enable it and reboot maybe ?
-
doesn't help
-
Hi. If the platform you are running pfSense supports AES you should be able to select it in System -> Advanced -> Miscellaneous.
As far as I know a reboot is not necessary and the option looks like this:
-
Mine's set for AES-NI CPU-based Acceleration and shows enabled on the Dashboard.
-
-
Hi
Actually I had this issue before on different hardware.
Typically UFS always fine with AES crypto
-
I don't think this is a ZFS thing. I am running ZFS on my main pfSense and it detects AES just fine:
CPU Type Intel(R) Core(TM) i5-7267U CPU @ 3.10GHz 4 CPUs: 1 package(s) x 2 core(s) x 2 hardware threads AES-NI CPU Crypto: Yes (active)Hardware crypto AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTSDisk usage: / 1% of 113GiB - zfs /tmp 0% of 113GiB - zfs /var 0% of 113GiB - zfs /zroot 0% of 113GiB - zfs /var/run 5% of 3.4MiB - ufs in RAMOn my main unit I am running pfSense version 2.5.0. What version of pfSense are you running? Maybe try another version? Or some BIOS setting?
-
I am on version 2.4.5-RELEASE-p1
-
I will update to 2.5.1 and return with result
-
@dealornodeal
Please make sure that you have a working backup of your current config (2.4.5-p1) and an iso / img saved for version 2.4.5-p1 in case you need to return to that version.
For me 2.5.1 was a no-go because multi-wan setup with port forwarding is broken. Consider that if you have a need for multi-wan. Otherwise goodluck!
-
thank you for advice, however same result here
AES-NI CPU Crypto: Yes (inactive) -
@dealornodeal
Still no option to select AES in System -> Advanced -> Misc?Then maybe it has something to do with your hardware.
-
but as people say.. there is no bad thing without a good thing...
finally I learnd some new stuff about pfsense
looks like they are working under registered trademark of Electric Sheep Fencing, LLC
Pretty self-explanatory
-
I have reinstalled pfsense on zfs without swap encryption, dashboard shows AES is active.
Consider this question as closed.
