On Jul 30, 2008, at 7:54 PM, Chris Buechler wrote:
On Thu, Jul 31, 2008 at 1:44 AM, Mark Dueck <[EMAIL PROTECTED]> wrote:
Throughput will be minimal. From 512Kbps to 2Mbps max. I guess my
biggest
concern is stability. I have lab tested the Soekris 4801 with
openVPN to
have throughput of up to 3MB/s, so it should be fine for these
locations,
but I'm just a little unsure of a 'business critical' decision and
wanted
some input.
I would probably go with ALIX hardware for such a deployment. I get
the ALIX hardware I use from netgate.com and would recommend them.
That'll push about 75 Mb of throughput, and about 10-12 Mb of VPN
traffic based on numbers I have heard from others. I haven't had a
chance to test max throughput on any of mine yet, they're definitely
more than adequate for what you're looking to do and give you a good
deal of scalability for the future.
there exists some chance of patching freebsd to use the AES (aes128-
only, natch) core on the LX700/800 for use
by your VPN software.
With that, your VPN throughput would be about what your non-VPN
throughput would be, as long as you're happy
that your only choice is aes128, of course.
Here is some linux-fu:
http://www.docunext.com/wiki/My_Notes_on_Patching_2.6.22_with_OCF
The Geode LX also has a hw rng on-board, if you trust that kind of
thing.
jim