C2758 Good for 1Gb/s IPSEC?
-
Looking at various hardware types and the C2758 boxes by Supermicro are very appealing as they have front mount IO, which saves a lot of hassle compared to buying lots of bits and bolting them together. Also it looks like this platform has a lot of attention from the PFsense Dev's so makes it a sound choice.
The main driver for this is to provide a site to site VPN across a 1Gb/s link. As I understand with AES-GCM these newer atom processors are very competitive, but I can't find any solid results anywhere of what they can achieve. The PFsense store only lists the unaccelerated speeds.
So two questions really:-
1. Will the C2758 processors be able to support a 1Gb/s accelerated IPSEC tunnel?
2. If not, any recommendations for a 1U Xeon E3 combo with Front IO?Many thanks
-
-
Thanks for the reply.
I did see this post but I was wondering if there were any more recent results?
The C2758 results seem to be limited to about 300Mb which isn't that much faster than the un-accelerated speeds. The Xeon E3 results scale much better once AES-NI is enabled.
-
unaccelerated they max out at 60-100mbit, so its a factor 3 increase.
and yes, i would hope the xeons perform better, the board+cpu+ram will cost atleast double of the c2758 ;)
-
look up the xeon d. hard to find in stock atm
-
Those Xeon D's look ideal but as mentioned, very hard to find and they look pretty costly as well, although the integrated 10GB Nic offsets that slightly.
I think I can probably spec up a Xeon E3 for a similar price to one of the C2758's so I guess that's the best option for now.
Thanks for the replies