>-----Original Message-----
>From: Charles Steinkuehler
>Subject: Re: [Leaf-user] Is this newbie even in the right ballpark with LEAF?
(Summary)
>
>
>> >I've seen a number of reports from folks successfully using hardware
>> >acceleration with FreeS/WAN,
>>
>> Oh? I didn't see any drivers for hardware accelerators - Or did
>> I miss something.
>
>I don't think you missed anything...there's no hardware support in the
>mainstream code for FreeS/WAN. I have, however, seen several reports of
>folks adding hardware support to the FreeS/WAN code base on the mailing
>list. I have no idea if their code is available, or under what terms, but
>there are reports of folks who have done this. The libdes used by FreeS/WAN
>is the same libdes provided with OpenSSL, and since most crypto hardware
>makers who support linux provide OpenSSL patches, it may not be too hard to
>interface FreeS/WAN to acceleration hardware, although such a project is
>likely not for the feint of heart (there are still several
>kernel-mode/user-mode issues...
I'll pass at this time...
However: Also check out PowerCrypt at:
<http://www.powercrypt.com/>
>AFAIK, OpenSSL is generally designed to run
>in user-space, while the FreeS/WAN software crypto routines are running in
>kernel space, which makes a big difference in how you talk to the hardware).
Yeah, you could say that
>>>although this is not a particularly main-stream
>>>thing. If you really want to burst to 155 MBits/sec, you'll probably need
>>>some form of hardware acceleration (at least for a year or two, until the
>>>5-6 GHz CPU's come out).
>>
>> If I need more CPU horsepower, I'll use 21264 (Alpha) CPU's instead.
>
>Sounds like a plan...I've seen reports of 3DES routines that really smoke
>running on Alphas, taking advantage of the true 64 bit architecture to run
>bit-sliced algorithms which really speed things up vs the clunky x86
>systems.
Yes, I've been using Alpha's for 5 years now - I have 3 Multia's in boxes in
my basement; plus an AlphaPC 164SX (with 533 mHz 21164PC CPU) running
Win2k/RC2 server. [I also have another identical 164SX mobo on the way that
was shipped last week, so I'll be building an NT4/Datacenter cluster for
Exchange 5.5, to work as my "home & family" email server(!)]
>If you go with an alpha system, you'll probably want to use a
>mainstream disto...you might want to do this anyway, depending on how 'thin'
>you want to make your VPN gateways.
<http://www.alpha-processor.com>
>You might also consider seperating your VPN gateway and firewall functions
>into seperate boxes, but that introduces complications of a different sort
>(especially routing)...
>
>
>Charles Steinkuehler
>http://lrp.steinkuehler.net
>http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
