Hottest Free Downloads - DownloadPipe.com Over 197,000 downloads! Bookmark Now!
DownloadPipe.com - New Downloads Every Minute
 SEARCH:
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Hardware requirements to feed multiple IPSec connections

  
   Linux (Home) -> Networking RSS
Next:  Forwarding an IP from external to internal  
Author Message
Natanael Mignon

External


Since: Jun 22, 2003
Posts: 2



(Msg. 1) Posted: Sun Jun 22, 2003 11:23 am
Post subject: Hardware requirements to feed multiple IPSec connections
Archived from groups: comp>os>linux>networking (more info?)
Hello everybody,

background is a VPN-Gateway probably (status: planning) running SuSE 8.2,
Kernel 2.4.21 and latest stable FreeS/WAN to establish a VPN with another
gateway of the same brand. Additionally that first gateway will have to
feed other incoming VPN-connections like Roadwarriors with PPTP or
(hopefully) other IPSec implementations. The static VPN tunnel runs over a
2MBit SDSL line in the first place, more lines or higher bandwith for that
line will probably come.

Question is: How much work is it for the hardware to encrypt and decrypt
IPSec traffic? What requirements would we have to meet in order to feed at
least 5MBit/s of IPSec traffic on that box?

I was quite sure that it would not be a problem for recent PC hardware to do
that job, but someone made me think about it, because he believed
otherwise.

Thanks for all hints and tips!

Kind regards,
--
- Nat

www.bleeding.de | www.metal-germany.de

-= Bleeding for Metal | c/o Madhouse Of Cain =-
-= P.O. Box 39 23 | 30039 Hannover | Germany =-
Back to top
Login to vote
Rick Cooper

External


Since: Jun 23, 2003
Posts: 1



(Msg. 2) Posted: Mon Jun 23, 2003 8:35 am
Post subject: Re: Hardware requirements to feed multiple IPSec connections [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Natanael Mignon <nat.RemoveThis@bleeding.de> wrote in
news:eis3db-0s7.ln@f4.intranet.bleeding.de:

> Hello everybody,
>
> background is a VPN-Gateway probably (status: planning) running SuSE
> 8.2, Kernel 2.4.21 and latest stable FreeS/WAN to establish a VPN with
> another gateway of the same brand. Additionally that first gateway
> will have to feed other incoming VPN-connections like Roadwarriors
> with PPTP or (hopefully) other IPSec implementations. The static VPN
> tunnel runs over a 2MBit SDSL line in the first place, more lines or
> higher bandwith for that line will probably come.
>
> Question is: How much work is it for the hardware to encrypt and
> decrypt IPSec traffic? What requirements would we have to meet in
> order to feed at least 5MBit/s of IPSec traffic on that box?
>
> I was quite sure that it would not be a problem for recent PC hardware
> to do that job, but someone made me think about it, because he
> believed otherwise.
>
> Thanks for all hints and tips!
>
> Kind regards,

I would recommend you look at
http://www.freeswan.org/freeswan_trees/freeswan-2.00/doc/performance.html

But for a mere 5MBit you won't need much of a machine. And bear in mind if
you compile with AES support the throughput increase (I believe) 40% on a
given platform.
Back to top
Login to vote
Natanael Mignon

External


Since: Jun 22, 2003
Posts: 2



(Msg. 3) Posted: Mon Jun 23, 2003 10:31 pm
Post subject: Re: Hardware requirements to feed multiple IPSec connections [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Rick Cooper wrote:

> I would recommend you look at
> http://www.freeswan.org/freeswan_trees/freeswan-2.00/doc/performance.html
> But for a mere 5MBit you won't need much of a machine. And bear in mind if
> you compile with AES support the throughput increase (I believe) 40% on a
> given platform.
Thanks for the info and the link. I'll have a look asap.

Kind regards,
--
- Nat

www.bleeding.de | www.metal-germany.de

-= Bleeding for Metal | c/o Madhouse Of Cain =-
-= P.O. Box 39 23 | 30039 Hannover | Germany =-
Back to top
Login to vote
Display posts from previous:   
Related Topics:
IPsec in 2.6 - I am trying to get a client setup for IPsec and Linux. I looked at the racoon docs, and it looks as if this is something totally different from the Windows feature of the same name. The people running the server give the Windows folks (a) an IP, and..

excessive incoming connections? - I'm running an IMAP and POP server on Linux Redhat 8 for 300 users. Users have been complaing about the service being unavailable. When this happens the log shows the entries like the following. -----------from /var/log messages------------------ Sep 1...

serial cable connections - I am looking for resources on the web that can teach me how to configure a linux client to connect to a windows server through a serial cable, and use it for web access. The computer I am trying to configure is currently set up in this way with windows....

separate connections between applications - Hi! HOw can i separete internet connetction between applications???

Direct connections through NAT/firewall - I'm involved with some research at the University of Manitoba (in Winnipeg, Canada) this summer. My colleagues and I are in the process of developing a method for reliably establishing direct connections over the Internet between two hosts that are..
       Linux (Home) -> Networking All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Categories:
 Windows Forums
 Game Forums
  Linux Forums
 Mac Forums
 PDA Forums
 Mobile Forums
  Top  |  Store  |  RSS Feeds RSS  |  Data Feeds  |  Advertise  |  Submit  |  Bookmark  |  Newsletter  |  Contact