intel 82576 ipsec offload?

Siquijor Philips siquijorphilips at gmail.com
Sat Oct 10 15:03:16 UTC 2009 

On Sat, Oct 10, 2009 at 2:17 AM, Jack Vogel <jfvogel at gmail.com> wrote:
> I am Jack, the network engineer at Intel responsible for all FreeBSD wired
> lan drivers.

Hi Jack! Thanks for introducing yourself since I am new to this mailing list :-)

> This is the first I've seen about this. Our understanding was that the
> infrastructure needed
> to do IPSec was not available for either Linux or FreeBSD, can you please
> explain things?
>

Yes, basically I am implementing an IPsec infrastructure to our
network. Our network is composed of a main office and 3 branch offices
to be linked over VPN. I'm using both FreeBSD and Windows platforms.
Our FreeBSD (7.1-Release) platforms comprises the 4 firewall/gateways
(which should be also our VPN concentrators) as well as our mail
server (7.1-Release). The Windows platforms comprises the local/remote
clients (FreeBSD/Windows XP/Vista) and the Active Directory server
(Windows Server 2008).

Since our 4 FreeBSD perimeter firewall/gateways are currently
processing big amount of traffic, so I have decided to buy these Intel
NICs with IPsec offloading just to make sure it can carry out the
current traffic processing. Aside from that, our local and remote
FreeBSD clients will also be configured on transport-mode IPsec sooner
because these clients are also network intensive hosts. So, from here
I really wanted to have the IPsec offloading be available to my NICs
since I intend to buy these as its primary purpose.

> If everything is there except the support in the driver then I might be able
> to add that to
> my queue.
>

Yes, please because I really need to have my IPsec infra working sooner.

Thank you so much!

Siquijor

> Cheers,
>
> Jack
>
>
> On Thu, Oct 8, 2009 at 9:14 PM, Siquijor Philips <siquijorphilips at gmail.com>
> wrote:
>>
>> On Fri, Oct 9, 2009 at 1:45 AM, Pyun YongHyeon <pyunyh at gmail.com> wrote:
>> > On Thu, Oct 08, 2009 at 01:24:20PM +0800, Siquijor Philips wrote:
>> >> Hi,
>> >>
>> >> I got a dual-port Intel Gigabit NIC with 82576 (ET) chipset
>> >> http://www.intel.com/Assets/PDF/prodbrief/320116.pdf. It has a feature
>> >> on IPsec offloading but it only mentioned Microsoft Windows 2008 and
>> >> Vista servers. I wonder if FreeBSD have also support on this feature?
>> >>
>> >
>> > AFAIK it's not yet, not sure whether Jack has plan to implement the
>> > offloading. I know old Intel i82550 also supported IPSec offloading
>> > but Intel didn't release required information to implement it. 3Com
>> > also supported IPSec offloading in their 3XP hardwares(txp(4)) but
>> > the offloading was not implemented.
>> >
>>
>> Hi Pyun,
>>
>> Thanks for your info! By the way, who is Jack? Is he the author of
>> this driver? I really need to have this feature usable on the driver.
>> I bought these NICs with 82576 chipset for the purpose of implementing
>> IPsec in my network and my current FreeBSD servers could benefit it.
>> Just really thought it has support because FreeBSD was already part of
>> the supported operating system. I was alerted when I've re-read the
>> product info document again that it only support Windows 2008 and
>> Vista platforms. Now, I've confirmed that with the current existing
>> driver. I hope this guy has the plan of implementing it sooner because
>> I really need it.
>>
>> Thanks,
>> Siquijor
>> _______________________________________________
>> freebsd-net at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
>

More information about the freebsd-drivers mailing list