Re: [CentOS] Firewall/Gateway Hardware Question
On 10/15/2013 06:05 PM, SilverTip257 wrote: On Tue, Oct 15, 2013 at 2:31 PM, Steve Clark scl...@netwolves.com wrote: Hi, we are running 51 ipsec vpns on an Atom D510 at 1.66ghz and the load average is .07. @Steve: Based on your statement, I figure you do not have a crypto accelerator and That is correct - we do you AES which is an easier calculation than 3DES the CPU is handling all the crypto. Correct? @Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine. AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though. [0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3 HTH, Steve On 10/15/2013 02:13 PM, Terre Porter wrote: I've not worked with Atom processors but I'll look in to it. Thanks for the info. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of SilverTip257 Sent: Tuesday, October 15, 2013 12:36 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter tpor...@webpage-builders.com wrote: I've given up on getting the other machine to work so I'm looking at building a new one. The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients). I read so much about VPN encryption and the processor needs, now I am unsure if this will work. You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web. I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W Eight-Core Desktop Processor for under $120 (it's on sale), would it work ? Seems like overkill to me. I'd suggest more along the lines of an Atom-CPU based system. One of those mini-ITX setups that use 20W or thereabouts. Just my two cents. Any thoughts? Thanks, Terre ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
On 10/15/2013 07:29 PM, Terre Porter wrote: I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W Eight-Core Desktop Processor for under $120 (it's on sale), would it work ? Except for HTTP cache, my opinion is an OpenWRT box will do it. If you need an HDD, I would go for a Lanner with HDD: http://goo.gl/52mXqx -- +261 34 81 738 69 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Firewall/Gateway Hardware Question
I've given up on getting the other machine to work so I'm looking at building a new one. The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients). I read so much about VPN encryption and the processor needs, now I am unsure if this will work. I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W Eight-Core Desktop Processor for under $120 (it's on sale), would it work ? Any thoughts? Thanks, Terre ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter tpor...@webpage-builders.com wrote: I've given up on getting the other machine to work so I'm looking at building a new one. The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients). I read so much about VPN encryption and the processor needs, now I am unsure if this will work. You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web. I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W Eight-Core Desktop Processor for under $120 (it's on sale), would it work ? Seems like overkill to me. I'd suggest more along the lines of an Atom-CPU based system. One of those mini-ITX setups that use 20W or thereabouts. Just my two cents. Any thoughts? Thanks, Terre ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
I've not worked with Atom processors but I'll look in to it. Thanks for the info. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of SilverTip257 Sent: Tuesday, October 15, 2013 12:36 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter tpor...@webpage-builders.com wrote: I've given up on getting the other machine to work so I'm looking at building a new one. The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients). I read so much about VPN encryption and the processor needs, now I am unsure if this will work. You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web. I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W Eight-Core Desktop Processor for under $120 (it's on sale), would it work ? Seems like overkill to me. I'd suggest more along the lines of an Atom-CPU based system. One of those mini-ITX setups that use 20W or thereabouts. Just my two cents. Any thoughts? Thanks, Terre ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
Hi, we are running 51 ipsec vpns on an Atom D510 at 1.66ghz and the load average is .07. HTH, Steve On 10/15/2013 02:13 PM, Terre Porter wrote: I've not worked with Atom processors but I'll look in to it. Thanks for the info. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of SilverTip257 Sent: Tuesday, October 15, 2013 12:36 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter tpor...@webpage-builders.com wrote: I've given up on getting the other machine to work so I'm looking at building a new one. The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients). I read so much about VPN encryption and the processor needs, now I am unsure if this will work. You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web. I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W Eight-Core Desktop Processor for under $120 (it's on sale), would it work ? Seems like overkill to me. I'd suggest more along the lines of an Atom-CPU based system. One of those mini-ITX setups that use 20W or thereabouts. Just my two cents. Any thoughts? Thanks, Terre ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, Oct 15, 2013 at 02:31:03PM -0400, Steve Clark wrote: Hi, we are running 51 ipsec vpns on an Atom D510 at 1.66ghz and the load average is .07. HTH, Steve Some years back I used to run Smoothwall/GPL as a home firewall/router on things such as 90 MHz pentiums (with 64 or even 128 MB RAM), or at one point a 500 MHz AMD K6, and it had no load problems at all handling the 3 or 4 of us here who share the household LAN. Therefore I'd think that something such as an Atom would be entirely up to the task. There are a number of (relatively) inexpensive Atom boards in a Micro-ATX or Mini-ATX format that you could use, for example. Fred -- --- .Fred Smith / ( /__ ,__. __ __ / __ : / // / /__) / / /__) .+' Home: fre...@fcshome.stoneham.ma.us // (__ (___ (__(_ (___ / :__ 781-438-5471 Jude 1:24,25 - ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, Oct 15, 2013 at 2:31 PM, Steve Clark scl...@netwolves.com wrote: Hi, we are running 51 ipsec vpns on an Atom D510 at 1.66ghz and the load average is .07. @Steve: Based on your statement, I figure you do not have a crypto accelerator and the CPU is handling all the crypto. Correct? @Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine. AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though. [0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3 HTH, Steve On 10/15/2013 02:13 PM, Terre Porter wrote: I've not worked with Atom processors but I'll look in to it. Thanks for the info. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of SilverTip257 Sent: Tuesday, October 15, 2013 12:36 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter tpor...@webpage-builders.com wrote: I've given up on getting the other machine to work so I'm looking at building a new one. The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients). I read so much about VPN encryption and the processor needs, now I am unsure if this will work. You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web. I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W Eight-Core Desktop Processor for under $120 (it's on sale), would it work ? Seems like overkill to me. I'd suggest more along the lines of an Atom-CPU based system. One of those mini-ITX setups that use 20W or thereabouts. Just my two cents. Any thoughts? Thanks, Terre ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
On Tue, 2013-10-15 at 18:05 -0400, SilverTip257 wrote: @Steve: Based on your statement, I figure you do not have a crypto accelerator and the CPU is handling all the crypto. Correct? @Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine. AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though. [0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3 You should look at the single board computers sold by Soekris Engineering. http://soekris.com Specifically the net6501 series: http://soekris.com/products/net6501.html Specifications: • 600 Mhz to 1.6 Ghz Intel Atom E6xx single chip processor with EG20T companion chip • 512 to 2048 Mbyte DDR2-SDRAM, soldered on board • 2x SATA 3 Gbit interfaces with +5V and +12V power header • 4x Intel 82574L Gigabit Ethernet ports, Auto-MDIX RJ-45, protected to 700W/40A Surge • 2x Serial ports, DB9 and 10 pins internal header • USB 2.0 interface, 2x internal, 1x external port, bootable • 1 Full Mini-PCI Express shared with mSATA socket. • 1 USB only Mini-PCI Express shared with mSATA socket • 2x PCI Express Slots, right angle • 16 bit general purpose I/O, 24 pins header, connected to FPGA ...in either a tiny or a rackable box. The number of lan slots can be increased above 4 by using expansion cards. Steve ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
Interesting looking hardware... thanks for the info -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of S.Tindall Sent: Tuesday, October 15, 2013 8:29 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question On Tue, 2013-10-15 at 18:05 -0400, SilverTip257 wrote: @Steve: Based on your statement, I figure you do not have a crypto accelerator and the CPU is handling all the crypto. Correct? @Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine. AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though. [0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3 You should look at the single board computers sold by Soekris Engineering. http://soekris.com Specifically the net6501 series: http://soekris.com/products/net6501.html Specifications: • 600 Mhz to 1.6 Ghz Intel Atom E6xx single chip processor with EG20T companion chip • 512 to 2048 Mbyte DDR2-SDRAM, soldered on board • 2x SATA 3 Gbit interfaces with +5V and +12V power header • 4x Intel 82574L Gigabit Ethernet ports, Auto-MDIX RJ-45, protected to 700W/40A Surge • 2x Serial ports, DB9 and 10 pins internal header • USB 2.0 interface, 2x internal, 1x external port, bootable • 1 Full Mini-PCI Express shared with mSATA socket. • 1 USB only Mini-PCI Express shared with mSATA socket • 2x PCI Express Slots, right angle • 16 bit general purpose I/O, 24 pins header, connected to FPGA ...in either a tiny or a rackable box. The number of lan slots can be increased above 4 by using expansion cards. Steve ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
I have must have been in a hardware vacuum, have a clue any of that hardware you mentioned. Added it to the research list - haha! Thanks -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of SilverTip257 Sent: Tuesday, October 15, 2013 6:05 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question On Tue, Oct 15, 2013 at 2:31 PM, Steve Clark scl...@netwolves.com wrote: Hi, we are running 51 ipsec vpns on an Atom D510 at 1.66ghz and the load average is .07. @Steve: Based on your statement, I figure you do not have a crypto accelerator and the CPU is handling all the crypto. Correct? @Terre: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine. AMD Geode CPUs like those in PC Engines ALIX [1] hardware have an integrated crypto accelerator [2]. If it wasn't for your web proxy requirements, etc an ALIX might fit the bill (with the right embedded OS - think Voyage Linux). You're better off with the hardware you're researching right now though. [0] http://www.via.com.tw/en/initiatives/padlock/hardware.jsp [1] http://www.pcengines.ch/alix.htm [2] http://www.twam.info/hardware/alix/using-geodes-aes-engine-on-alix3d3 HTH, Steve On 10/15/2013 02:13 PM, Terre Porter wrote: I've not worked with Atom processors but I'll look in to it. Thanks for the info. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of SilverTip257 Sent: Tuesday, October 15, 2013 12:36 PM To: CentOS mailing list Subject: Re: [CentOS] Firewall/Gateway Hardware Question On Tue, Oct 15, 2013 at 12:29 PM, Terre Porter tpor...@webpage-builders.com wrote: I've given up on getting the other machine to work so I'm looking at building a new one. The machine will be a firewall/gateway running NAT, Web Proxy with Dansguardian, DHCP, DNS, NTP and VPN (~6 clients). I read so much about VPN encryption and the processor needs, now I am unsure if this will work. You'll likely need to determine how many VPN tunnels you're going to run simultaneously and then find benchmarks on the web. I can get this for AMD FX-8120 Zambezi 3.1GHz Socket AM3+ 125W Eight-Core Desktop Processor for under $120 (it's on sale), would it work ? Seems like overkill to me. I'd suggest more along the lines of an Atom-CPU based system. One of those mini-ITX setups that use 20W or thereabouts. Just my two cents. Any thoughts? Thanks, Terre ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall/Gateway Hardware Question
On 10/15/2013 3:05 PM, SilverTip257 wrote: I don't know how VIA C7 CPUs stack up against the Intel Atom CPUs in terms of performance, but they're low power consuming x86 processors. And there's the VIA Padlock [0] security/encryption engine. I think the Atoms pretty much beat the living daylights out of the C7 stuff, which were based on an architecture many generations old. some of the core I3/i5 laptop chips are very low power, too, and nearly as powerful as modern 2-4 core desktop processors..the current 'Pentiums' are somewhere in between the Atom and the low end of the Core line. -- john r pierce 37N 122W somewhere on the middle of the left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
