[leaf-user] Bering 1.2 Throughput Test Results

2004-04-13 Thread Roger E McClurg 
I thought the group might be interested in the results of some throughput 
testing we conducted recently. The purpose of the tests was to determine 
the relative performance of the OpenBrick E platform as a Bering 1.2 
VPN/router. The results were very interesting.

The test process was to FTP a 600Mb binary file between two identical PCs. 
The PCs were on 100Mb LANs connected via the Bering 1.2 VPNs .  Before we 
did the VPN tests, we benchmarked the PCs on the same LAN  so we could get 
an idea of the maximum throughput speed. The PCs transferred the file at 
78.85 Mb/sec. 

The next test was to FTP from the PC connected to the OpenBrick E to the 
PC connected to a 500 Mhz P III running Bering 1.2.  The transfer rate was 
only 12.67 Mb/sec.  The 3DES IPSEC encryption was certainly taking it's 
toll. 

Next we replaced both Bering machines with Nortel Contivity 1500 VPN 
devices. The Contivity is a popular VPN concentrator for small branch 
offices. It was designed specifically for the purpose of a VPN 
concentrator. Imagine our surprise when the Contivity transfer rate was 
only 4.45 Mb/sec. The Bering boxes were running weblet, shorewall, 
dnscache, dhcpd, ssh, sshd, sftp, snmp, and snmpd in addition to IPSEC, 
and yet they were almost three times faster than commercial VPN 
concentrators. 

We recently pulled off the covers from a dead Contivity and found a 
complete PC with a 400 Mhz Celeron processor. Not wanting any usable 
hardware to go to waste, we put in a new (actually an old used) hard disk 
and made the Contivity into a Bering 1.2 VPN concentrator. We then used 
this Contivity in place of the OpenBrick E and ran the first VPN test 
again. This time the throughput was clocked at 13.11 Mb/sec!  Wow! A 
Nortel Contivity converted to Bering 1.2 runs almost 3 times faster than 
one running Nortel software.  It was also slightly faster than the Open 
Brick E with it's little 533 Mhz Via processor. 

I didn't try an unmodified Contivity to the Bering P III. It might be an 
interesting test to try. Maybe later.

Here is a schematic of the tests/results:
PC 
-PC 
  78.85 Mb/sec
PC--OpenBrickP III---PC 
12.67 Mb/sec
PC--ContivityContivity---PC 
4.45 Mb/sec
PC--Bering Contivity-P III---PC 
13.11 Mb/sec

If anyone else has done any benchmarking, I'd like to hear about it. 

My hat is off to the LEAF developers. You have put together one impressive 
collection of software.

Roger


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] LEAF Theory of Operation

2004-04-13 Thread jeremy rubia 
Hi to all,

I had been browsing and searching all docs in this
archive and including the leaf homepage but still cant
find what i want.
Just want to know on where can i find a document that
explains the theory of operation of LEAF.


Thanks,
jr




__
Do you Yahoo!?
Yahoo! Tax Center - File online by April 15th
http://taxes.yahoo.com/filing.html


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] LEAF Theory of Operation

2004-04-13 Thread Vic Berdin 
Hi,

> Message: 2
> Date: Tue, 13 Apr 2004 18:32:41 -0700 (PDT)
> From: jeremy rubia <[EMAIL PROTECTED]>
> To: leaf <[EMAIL PROTECTED]>
> Subject: [leaf-user] LEAF Theory of Operation
> 
> Hi to all,
> 
> I had been browsing and searching all docs in this
> archive and including the leaf homepage but still cant
> find what i want.
> Just want to know on where can i find a document that
> explains the theory of operation of LEAF.

>From experience, LEAF is one of the most documented opensource 
projects that I know of. Anyways, basically, LEAF is a Linux 
Firewall (and service/s package) on a floppy disk project. 
Theories in-practise are:

 - boot off a Linux Firewall (and server,etc) OS from a floppy 
   disk
 - floppy disk simply contains compressed images (tgz'd images)
 - compressed images are exploded on ram disk to make up the 
   entire Linux fs
 - changes made in config settings are backed up by compressing 
   (tgz'ing) volatile fs files on ramdisk back to image format,
   then copied back to the floppy disk

note that the floppy disk target has now evolved in many forms. 
many people are also using CDROMS (no backup or backup is done
on other media), Compact Flash, MTDs, etc.

 
HTH - vic

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 4/9/2004



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html