WAP/Router for use with OpenVPN
Dave Johnson
dave-gnhlug-list at davej.org
Tue Jul 7 16:15:20 EDT 2009
Ben Scott writes:
> > And they have to have enough computing-power to run WPA, right?
>
> Wireless crypto may be implemented in dedicated hardware in the
> wireless chipset, not on the general-purpose processor (where Linux
> and OpenVPN run), so that may not mean anything.
Yes, WiFi crypto will definately be done in hardware.
If you're going to use openvpn without a hardware assist, (like a
HiFn, etc.. ) cpu performance may be of concern. Hardware assist in
openssl is usually hard to find in general.
Shouldn't be an issue for occasional single user connectivity though,
unless you need many mbps.
I have my openvpn links use blowfish instead of AES for the data
channel because it's less cpu intensive especially for small
block sizes.
For comparision, I use a Soekris net4801 (266Mhz NSC/AMD Geode) for
my router/firewall and openvpn endpoints.
It does IPv4 forwarding fine, up only up to about 50mbps for large
packets. Definately not good for LAN-LAN, but fine for LAN-WAN.
Throw in openvpn, the crypto and compression will drop the vpn data to
a few mbps. Good for connectivity, just not performance.
--
Dave
More information about the gnhlug-discuss
mailing list