On Mon, Nov 10, 2003 at 03:22:43PM -0600, PJ Welsh wrote: > On Mon, Nov 10, 2003 at 03:26:06PM -0500, Brian J. Schrock wrote: > > > > I second that, and I think I remember hearing Mark talking about it too. But..... > > > > What type of encryption can you do that does not introduce latency? > > > > That said, I would like it to support hardware encryption cards. > > > > I have done work with FreeS/WAN and it works, and yes it adds about 30-100ms of > > latency depending on what else is going on. I think it has something to do with > > keying. > > I don't understand why the latency will be so high. I've run misc test (not with * > since I don't have a PBX/voicemail needs with *) and find that I have less issues > (more consisten responces and good throughput) with FreeS/WAN. The firewall machines > maintain a persistant tunnel. They should be keeping "active" connecitons between > servers humming right along. Do you have an overloaded FreeS/WAN server? I even get > better results going through FreeS/WAN on one connection to my home (the cable > provider seems to like to bandwith throttle the other services to some degree).
Not sure, here is a ping to a station on their LAN. Before I set it all up, we were fluctuating between 50~70ms, the link stays active I do see something that I think is rekeying every so often. We are currnetly looking at moving to OpenVPN, which is supposed to support udp. 64 bytes from 192.168.0.20: icmp_seq=1 ttl=126 time=111 ms 64 bytes from 192.168.0.20: icmp_seq=2 ttl=126 time=115 ms 64 bytes from 192.168.0.20: icmp_seq=3 ttl=126 time=109 ms 64 bytes from 192.168.0.20: icmp_seq=4 ttl=126 time=111 ms 64 bytes from 192.168.0.20: icmp_seq=5 ttl=126 time=110 ms 64 bytes from 192.168.0.20: icmp_seq=6 ttl=126 time=119 ms 64 bytes from 192.168.0.20: icmp_seq=7 ttl=126 time=107 ms _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users
