On Sep 29, 2005, at 8:52 PM, R. Scott Belford wrote:

Jim Thompson wrote:

---snip much illumination------



If you've got a cast-off P3 box, it's fairly trivial to give it a pair
of PCI NICs and run m0n0wall from an ISO image. This will result in
higher throughput for the IPSEC side of things.

The other way to improve performance would be to stick an encryption
accelerator in one of the on-board miniPCI sockets. Soekris sells one that is plug-n-play with m0n0wall: http://www.soekris.com/vpn1401.htm


Does the suggested use of either a P3 box or an encryption accelerator
mean that the CPU would become the bottleneck if using IPSEC on a P166
monowall?

Depends on which algorithm you use, but 3DES goes about 108 clocks/byte.

http://citeseer.ist.psu.edu/schneier97fast.html

gonzo:~ jim$ echo "166*1000*1000/108" | bc
1537037

or, in bits/sec

gonzo:~ jim$ echo "166*1000*1000/108*8" | bc
12296296

Yes, that's 12Mbps.

Now, the above factors in no I/O overhead (servicing interrupts), and only deals with large packets (where the per-packet overhead is minimized); we actually assume no overhead in the calculation, etc.

And you might want to have a little bit of CPU left over to run (the rest of) linux/freebsd, copy the packet around, etc. You'll also need some CPU headroom for MD5 or SHA-1 in order to run the AH portion of IPSEC, etc. For example, SHA-1 on a Pentium requires (another) 13 cycles/byte.

gonzo:~ jim$ echo "166*1000*1000/(108+13)*8" | bc
10975200

So there is no way you'll keep even a 10Mbps Ethernet full doing 3DES+SHA-1 IPSEC on a 166MHz CPU.

AES (in software) needs around 50 cycles/byte for 8k blocks, with an average penalty of another 3 cycles/byte for 1K blocks, generating about 2X the speed.

Of course, you can always throw CPU at the problem.

On a 2.4GHz P4, AES-CFB (the mode specified in the IPSEC RFC) runs around 100Mbps (but again, this is with larger blocks than are found on networks.) The VIA cores that support the Padlock AES acceleration will run the same AES-CFB mode at over 6300Mbps, while using about 60% of the CPU. (mini-itx boards that use these CPUs are also no more expensive than the encryption accelerator I pointed to earlier.)

All of this means that the short answer to your question is "Yes", but then, you didn't say how fast the network had to be. :-)

jim
