C2758 Good for 1Gb/s IPSEC?



  • Looking at various hardware types and the C2758 boxes by Supermicro are very appealing as they have front mount IO, which saves a lot of hassle compared to buying lots of bits and bolting them together. Also it looks like this platform has a lot of attention from the PFsense Dev's so makes it a sound choice.

    The main driver for this is to provide a site to site VPN across a 1Gb/s link. As I understand with AES-GCM these newer atom processors are very competitive, but I can't find any solid results anywhere of what they can achieve. The PFsense store only lists the unaccelerated speeds.

    So two questions really:-

    1. Will the C2758 processors be able to support a 1Gb/s accelerated IPSEC tunnel?
    2. If not, any recommendations for a 1U Xeon E3 combo with Front IO?

    Many thanks





  • Thanks for the reply.

    I did see this post but I was wondering if there were any more recent results?

    The C2758 results seem to be limited to about 300Mb which isn't that much faster than the un-accelerated speeds. The Xeon E3 results scale much better once AES-NI is enabled.



  • unaccelerated they max out at 60-100mbit, so its a factor 3 increase.

    and yes, i would hope the xeons perform better, the board+cpu+ram will cost atleast double of the c2758 ;)



  • look up the xeon d. hard to find in stock atm



  • Those Xeon D's look ideal but as mentioned, very hard to find and they look pretty costly as well, although the integrated 10GB Nic offsets that slightly.

    I think I can probably spec up a Xeon E3 for a similar price to one of the C2758's so I guess that's the best option for now.

    Thanks for the replies