Maybe. I think that hardware can still do full gigabit nat and firewalling.
--
Eero
On Mon, Feb 19, 2018 at 7:12 PM, Moshe Katz wrote:
> On Mon, Feb 19, 2018 at 10:42 AM, Paul Mather
> wrote:
>
> > On Feb 19, 2018, at 10:10 AM, Eero Volotinen
> > wrote:
> >
> > > Well. Does it require so much
On Mon, Feb 19, 2018 at 10:42 AM, Paul Mather
wrote:
> On Feb 19, 2018, at 10:10 AM, Eero Volotinen
> wrote:
>
> > Well. Does it require so much power, that I cannot run it on intel core2
> > quad Q9400, 2.66Ghz processor (4 cores) ?
>
>
> What a curious question. It does not require "so much p
On Feb 19, 2018, at 10:10 AM, Eero Volotinen wrote:
> Well. Does it require so much power, that I cannot run it on intel core2
> quad Q9400, 2.66Ghz processor (4 cores) ?
What a curious question. It does not require "so much power" but it does
require a minimum hardware spec, which that CPU w
gt;>>
> > >>>> How long does a project need to wait before it can require a feature
> > found
> > >>>> on all major x64 processors? Waiting 8-9 years seems reasonable to
> me.
> > >>>>
> > >>>> Given the fact that
gt;>>
> >>>>
> >>>> Walter
> >>>>
> >>>> On Thu, Feb 15, 2018 at 9:37 AM, Kyle Marek
> wrote:
> >>>>
> >>>>> This is silly. I shouldn't have to replace my hardware to support a
> >>>>> fea
in order to support the increased cryptographic
> loads
> >>>>> that we see as part of pfSense verison 2.5, pfSense Community Edition
> >>>>> version 2.5 will include a requirement that the CPU supports AES-NI.
> On
> >>>>> ARM-based system
;>> version 2.5 will include a requirement that the CPU supports AES-NI. On
>>>>> ARM-based systems, the additional load from AES operations will be
>>>>> offloaded to on-die cryptographic accelerators, such as the one found on
>>>>> our SG-1000 <https://ww
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Kyle Marek
Sent: Thursday, February 15, 2018 10:38 AM
To: pfSense Support and Discussion Mailing List ; Eero
Volotinen
Subject: Re: [pfSense] Configs or hardware?
> This is silly. I shouldn't
gt;>> On Thu, Feb 15, 2018 at 7:18 PM, Edwin Pers wrote:
>>>
>>>> I believe I read somewhere that the new version that requires aes-ni
>> will
>>>> be 3.x, and they plan to continue the 2.x line alongside it, as 3.x
>> will be
>>>> a major
on that requires aes-ni
> > will
> > >> be 3.x, and they plan to continue the 2.x line alongside it, as 3.x
> > will be
> > >> a major rewrite
> > >>
> > >>
> > >> -Ed
> > >>
> > >> -Original Message
s 3.x
> will be
> >> a major rewrite
> >>
> >>
> >> -Ed
> >>
> >> -----Original Message-
> >> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> >> Volotinen
> >> Sent: Thursday, February 15, 20
oun...@lists.pfsense.org] On Behalf Of Eero
>> Volotinen
>> Sent: Thursday, February 15, 2018 12:14 PM
>> To: Kyle Marek
>> Cc: pfSense Support and Discussion Mailing List
>> Subject: Re: [pfSense] Configs or hardware?
>>
>> Well. Next version of pfsense
: Thursday, February 15, 2018 12:14 PM
> To: Kyle Marek
> Cc: pfSense Support and Discussion Mailing List
> Subject: Re: [pfSense] Configs or hardware?
>
> Well. Next version of pfsense (2.5) will not install into hardware that
>
, February 15, 2018 12:14 PM
To: Kyle Marek
Cc: pfSense Support and Discussion Mailing List
Subject: Re: [pfSense] Configs or hardware?
Well. Next version of pfsense (2.5) will not install into hardware that does
not support AES-NI, so buying such hardware is not wise ?
Eero
Well. Next version of pfsense (2.5) will not install into hardware that
does not support AES-NI,
so buying such hardware is not wise ?
Eero
On Thu, Feb 15, 2018 at 7:01 PM, Kyle Marek wrote:
> I have not had such an issue. Using 2.4.2 with System Information widget
> saying "AES-NI CPU Crypto:
I have not had such an issue. Using 2.4.2 with System Information widget
saying "AES-NI CPU Crypto: No".
On 02/15/2018 11:55 AM, Eero Volotinen wrote:
> Please note that next pfsense will not install hardware that is not
> supporting aes-ni?
>
> Eero
>
> On Thu, Feb 15, 2018 at 6:37 PM, Kyle Marek
Please note that next pfsense will not install hardware that is not
supporting aes-ni?
Eero
On Thu, Feb 15, 2018 at 6:37 PM, Kyle Marek wrote:
> This board does round-up gigabit (something like 976 Mb/s) in both
> directions on all 4 interfaces: https://www.amazon.com/dp/B00XNR4HE2/
>
> The key
This board does round-up gigabit (something like 976 Mb/s) in both
directions on all 4 interfaces: https://www.amazon.com/dp/B00XNR4HE2/
The key for me here was the interrupt coalescence of these particular
Intel NICs. A very similar board with Broadcom NICs that lacked this
feature maxed out the
Try increasing network buffers via "system tunables".
Em 15 de fev de 2018 12:14, "Michael Munger"
escreveu:
> TL; DR.
>
> On 1Gbps downloads, our pfSense firewalls are performing poorly with
> speed tests of ~400Mbps. It's either pfSense configs (not likely) or the
> hardware (more likely). I d
On 02/15/2018 09:14 AM, Michael Munger wrote:
TL; DR.
On 1Gbps downloads, our pfSense firewalls are performing poorly with
speed tests of ~400Mbps. It's either pfSense configs (not likely) or the
hardware (more likely). I do not want to buy a commercial box. For our
corporate network, we use H
Also, this is an incredibly common question on the pfSense forums. (Not trying
to be condescending, just stating.) I racked my mind trying to figure something
out when, like you said, it’s a solved problem. Basically, get a reasonably
powered computer and put some real Intel NICs in it and you’
I have an optiplex 970 (possibly 980, don’t recall) with 16GB RAM and a quad
port Intel NIC that handles gigabit fiber with no issues at all. I managed to
order a knockoff NIC (half the thing’s from eBay), so I’m surprised it’s
performing this well, but it’s been rock solid. Granted it’s for hom
Hi,
This hardware can do gigabit (wirespeed) NAT/FW
https://www.amazon.com/gp/product/B016VHBA7C (tested on my home, using
symmetric gigabit line...)
but, I we use NetGate SG-8860 on our main offices:
https://www.voleatech.de/en/product/sg-8860-1u/?gclid=EAIaIQobChMIlbTj5o-o2QIVBJ8bCh1phgmKEAAY
23 matches
Mail list logo
