Thanks for the link. Looking for a 1u rack mountable chassis though so I can eventually move it to a rack.the sale is sold out
Edit: Chassis ~$70 so cheaper options exist:
http://www.supermicro.com/products/chassis/Mini-ITX/101/SC101i.cfm
Supermicro A1SRi-2558F
- Thread starter Patrick
- Start date
Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
we will see for QA...
I am talking openVPN not ipsec in general..
in general speaking, i3 or e3 still the best working solution for vpn
AES is still common to support vpn..
I doubtly QA would be major due on non long term proof
I remember, VIA has AES that help processing directly, just load the kernel module and work as intended.
poor VIA... this did not pickup by many users.
hopefully, QA would be not proof of concept to work on.
AES has been used many years back in 1990 and works!
and I am glad intel put AES to N series SoC processor..
try to act as vpn client or serve vpn server. openvpn is very common ..
you will see when 1 connection with fully data transfer will eat cpu processing ...
I am running J1800 (without AES). average is 10% with two other VMs of debian.
this will hit to 80-90% when running openvpn client when transfering data...m but still no slowdown or reduce performance.
idling with openvpn client running just take around 10&-12%....
I think QA has been around in discussion, intel submitted the patch in 2014 and pfsense is porting from linux to their code
.my understanding, I see no real result instead of simple testing with ipsec.
imagine when connecting to site with openvpn and should running 24/7 without a glictch..
Last edited:
I means, marve.. performance is not good haha...'Cept for the corners of the chip when it's soldered to the board itself
Running fully busy with vpn tunneling?...
Check on htop..
That could be one core is processing..
My baytrail d is running proxmox and 3 vms..
Are you using qa ? Since it has been patched in Linux.
Having a big brother model will help.
While the AES Encryption Standard competition took over 5 years with multiple rounds and many reviews, the AES Standard was not finalized until Nov 2001. Perhaps in 1990 you were using 3DES or another algorithm
I think 90... , read many paper on AES and was studying in university before move to us in late 90.. to continue my study and stuck in US after graduation..While the AES Encryption Standard competition took over 5 years with multiple rounds and many reviews, the AES Standard was not finalized until Nov 2001. Perhaps in 1990 you were using 3DES or another algorithm
haha, you are correct, need more coffee morning
...I started with via miniitx that has aes on the cpu, 2000- is the correct answer..
I was freak-out at that time, AES supported in CPU, nice!!!
thanks for correction.
thanks.
very interesting mini-itx board of big brother.
I would put in my future upgrade list..
I am a hardcore cli
hahahah.my issue on openvpn is
remote node <-> HQ center.
when moviong many small files between those two site, openvpn client and server will suck up cpu cycle very much.
transfering big data is ok.
my understanding: due on smal files and more overheads, openvpn need extra works with addition with ency/decrypt
side notes:
I was skeptikal with Intel bay trail D that is very cheap!!. I got one for $35 new.
and was surprised when I can load 2 heavy VMs (router and openvpnclient) and a ligh debian vm.
the consumption is pretty good for 10W(mostly)-15W(max), compared with my old Celeron 847 that eats 20W idle.
waiting Xeon D to drop in price
....I wouldn't count on openvpn getting QA speedups anytime soon...maybe never. (snort was dropped by intel for example) Some of the other vpn stuff loves it though, ipsec for example.
Openvpn is oldschool single threaded userspace (last I checked) so you want oldschool true cpu grunt, aka the mainstream cores (ivy/hasw/broad/sky etc) and reasonably high clockspeed. The most bang/$ to get this is the cheap dual cores, they tend to be higher clocked than their desktop quad core equivs too, much higher than most high core count server cpus. Make sure you run a recent config too, pfsense took awhile to enable aes-ni properly for example.
Openvpn is oldschool single threaded userspace (last I checked) so you want oldschool true cpu grunt, aka the mainstream cores (ivy/hasw/broad/sky etc) and reasonably high clockspeed. The most bang/$ to get this is the cheap dual cores, they tend to be higher clocked than their desktop quad core equivs too, much higher than most high core count server cpus. Make sure you run a recent config too, pfsense took awhile to enable aes-ni properly for example.
As far as I now you simply set it up under System > Advanced settings > Miscellaneous > Cryptographic hardware and then in your OpenVPN profile set Encryption algorithm to match the server side while leaving Hardware Crypto to No hardware Crypto Acceleration.
This document describes it unless I've missed something.
Are cryptographic accelerators supported - PFSenseDocs
Man! I am totally bummed I did not snag all of these. Installing with the OpenStack Autopilot | Download | Ubuntu test setup would be a great use case.
Anyone know where I can get a backplate for one of these MB's? Didn't realize the seller wouldn't be sending the MB with one even though the listing said no accessories included. I just figured that was one accessory that would always come with it.
There are ones for sale on eBay for 1U or 2U rack chassis' but I'm using a mini-itx micro case for the time being so I need the backplate that normally ships with the board.
There are ones for sale on eBay for 1U or 2U rack chassis' but I'm using a mini-itx micro case for the time being so I need the backplate that normally ships with the board.
Having worked in a different product based company (in marketing) I know that if someone asked for a part, which we didn't ordinarily sell; we would either give it to them for free or at minimal cost
The Supermicro Web Page for this motherboard indicates that the p/n for the IO Shield is MCP-260-00042-0N. It's a very standard part readily available on eBay.