[ previous ] [ next ] [ threads ]
 
 From:  "Dan MacMillan" <danm at emerald dash associates dot com>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Hardware Recommendation for monowall to monowall IPSec VPN.
 Date:  Sat, 5 Nov 2005 08:05:10 -0700 
-----Original Message-----
From: Lee Sharp [mailto:leesharp at hal dash pc dot org]

 
From: "Dan MacMillan" <danm at emerald dash associates dot com>

> Our principal concern is with IPSec VPN throughput.  Is it
> realistic to expect to be able to saturate a 10 Mbit link with
> VPN traffic using standard PC hardware?  With, for example,
> the "B2" pre-installed monowall machine at logicsupply.com?
> Or, put another way ... what hardware would you recommend
> to be able to sustain 10 Mbit VPN traffic?

One thing I dislike about logic supply is the whole "Ignore the man behind 
the curtain" thing.  Figuring out what they have in there is hard.  The "B2" 
box is 600 mhz with 128 meg of ram.  The CPU is a bit slow for the 
encryption, and the ram is quite light.  At Directron the CL6000 and the 
CL10000 are only $1 apart.  At logic, the frist CL10000 is the "F6" which is 
$300 more.  It also has 256 meg of ram (better) and two more ports (What 
kind? Who knows...)  I would try this;

Very small (appliance like) Case    $62.99
http://www.directron.com/2699r.html
Duel ethernet 1Ghz board               $148.00
http://www.directron.com/epiacl10000.html
Tack on 512 meg of RAM when you order the MB for $42.99
Psudo Hard drive                            $18.90
http://ec.transcendusa.com/product/ItemDetail.asp?ItemID=TS32MDOM40V

This is a very powerfull "little box" at only $272.88 + shipping.  The only 
thing with more juice would be the 1.2 ghz one for $215, but does it have 
the features!
http://www.directron.com/epiamii12000.html

                        Lee 

---------

Thanks for your reply.

I spoke to someone at Logic Supply, and they said the B2 came with a "CL6" but they would put a
"CL10" into the B2 model for no additional charge.  That did not seem possible to me but considering
your reply it makes sense.  He mentioned that the reason it is stock with the "CL6" is because it is
fanless, which they usually recommend for networking appliances.  To be honest, I didn't know what
he was talking about.  He was talking about the "CL6" and "CL10" as if they were CPUs, but that
didn't make sense with the fanless comment.  After following your link above, everything becomes
more clear.

I also asked him about the possibility of adding a crypto card.  He said that they don't supply
them, we would have to buy and install them ourselves.  I'm not sure we would need one, but I'd like
the ability to add one later if we decide we do.  The stock B2 case doesn't allow the installation
of a PCI card; he said they'd throw it in a more accomodating case for $32.  And who knows.  Maybe
we wouldn't ever need a crypto card.  But if we ever wanted to throw another card of any kind in (an
additional NIC for example) it would be nice to be able to do it easily.

So my intended purchase was actually ... I guess, not much like the B2 at the end of the day.  The
CL10000 in a Casetronic C158 with 128MB of RAM.  It sounds like you're recommending near-equivalent
hardware, with the exception of additional RAM.  Would it be necessary or advisable to get more RAM?
 Is it chewed up by the VPN encryption?

The thing is, at my office, we have more money than time right now.  If we're confident that we're
buying hardware that will do the job, it is worth it to us to spend a little more money to get a box
that is ready to plug in and be configured.  Your recommendation suggests I'm going in the right
direction.  I would like to know if you think the RAM should be upgraded, though.

Thanks again.

-- 
Dan MacMillan
Integration Specialist
Emerald Associates
danm at emerald dash associates dot com
(403)686-8930