4. PfSense branded hardware not showing ipsec performance with aes-ni???

PfSense branded hardware not showing ipsec performance with aes-ni???

  • K

    The pfSense store shows ipsec performance without using AES-NI but not with it.  I would think that pfsense would have already tested this.  Curious as to why this has yet to be provided.

    0
  • K

    No response yet :-(

    0
  • Netgate Administrator

    Do you have link to the specific page you're referring to?
    It's probably because at one point the IPSec performance with AES-NI was improving on an almost daily basis with the work going into it.

    Steve

    0
  • K

    Here is the page:  https://store.pfsense.org/c2758

    I understand that improvements may be happening regularly with AES-NI but the version that is included in 2.2.2 is probably not changing daily.  I would expect that if they could provide results from using without AES-NI that they could also provide results with AES-NI since the unit supports it.  All it takes is taking to units and performing an actual test across a gigabit switch…

    Unless the results are not that much of an improvement possibly due to it only recently being included in freebsd......

    I find it odd that they would not include this since it is mentioned as being available.

    0
  • ?

    I would expect that if they could provide results from using without AES-NI that they could also provide results with AES-NI since the unit supports it.

    For sure it would be nice to see those numbers.

    All it takes is taking to units and performing an actual test across a gigabit switch…

    This way I don´t love to see, because this is then not really interesting. Better to go by a 1 GB line
    and see what between two boxes would be able to handle is a right way in my eyes.

    0
  • P

    @BlueKobold:

    All it takes is taking to units and performing an actual test across a gigabit switch…

    This way I don´t love to see, because this is then not really interesting. Better to go by a 1 GB line
    and see what between two boxes would be able to handle is a right way in my eyes.

    Performance numbers on data sheets are almost always in "ideal scenario" environments. If they're measured the same way as the non-AES-NI numbers, they are a good comparison.

    So… since 2.2.4 is released in the mean time: any update when these numbers can be expected?

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy