Hello you busy people,
Currently when "engine cryptodev" is set, it will show up in the OpenVPN log:
"Initializing OpenSSL support for engine 'cryptodev'"
On my NAS I use "engine cryptodev" (Armv7 so no aesni) in config.
1. engine cryptodev is software crypto, as in not offloading from CPU?
On my new self build router pfSense box I have AES-NI support on SoC, N3150 CPU.
2. It is hardware crypto, as in offloading from CPU?
If I understand correct, AES-NI will automatically be used by OpenSSL if
available, so no need to write "engine aesni" in the config.
3. Would it be possible to log if OpenSSL is making use of AES-NI?
In pfSense, when activating AES-NI in WebUI, a module aesni.ko gets loaded.
4. How would one know if AES-NI is actually being used, I mean looking at it in
real time?
These questions are related to some throughput testing for which I opened a
thread on the forum.
https://forums.openvpn.net/viewtopic.php?f=23&t=21598
Maybe someone can take a look?
Thanks,
Pippin
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
