Dual p3 or single xeon for ipsec

Brent Wiese b at bjwcs.com
Thu Apr 8 12:38:13 PDT 2004

Which do you think would be more effective as an IPSEC tunnel gateway? A
dual p3 1.26ghz server or a single 2.6 ghz (800mhz fsb) Xeon?

Things that would be common to both:

FreeBSD 4.9 (maybe possibly 5.3 release when its officially out), SMP kernel
on dual
Intel 64bit dual gig-e 1000bTX nic
RAM (up to 2GB if it'll make a difference)
IDE drives (we're just pushin bits so I wouldn't think drives would be too

What I'm most interested in is pushing the most bits possible between points
A and B, which will be separated by the public internet. Encryption doesn't
need to be insanely high. The files being pushed aren't "sensitive" and
user/pass info won't be exchanged via plaintext.

I noticed the Intel gig-e server nics have encryption offloading (sticker on
the last box I got). Anyone know how effective? I can't seem to find info
about it on their site.

One more question related to this, and I apologize if this is dumb or poorly
worded... Can I use jumbo frames on the "public" side of the gateways? My
understanding is that everything between would need to be able to deal with
jumbo frames and I don't know the answer to that. Again, this may be a weird
question, but can the gateway "store up" a few frames from its internal side
and send it as 1 jumbo frame out the public side? Does that question even
make sense?

And, last question, anyone played with the pci-x stuff? If that's all its
cracked up to be, it somewhat makes this email moot.

More information about the freebsd-questions mailing list