Re: [m0n0wall] VIA Eden 0.13, 0.15nm vs VIA Eden 90nm

From:	Graham Allan <allan at physics dot umn dot edu>
To:	Forest Bond - Logic Supply <forest dot bond at logicsupply dot com>
Cc:	Steve Thomas <sthomas at consultant dot com>, Philippe Lang <philippe dot lang at attiksystem dot ch>, m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] VIA Eden 0.13, 0.15nm vs VIA Eden 90nm
Date:	Fri, 23 Feb 2007 09:08:38 -0600

On Fri, Feb 23, 2007 at 08:48:24AM -0500, Forest Bond - Logic Supply wrote:
> On Thu, Feb 22, 2007 at 08:43:33AM -0500, Steve Thomas wrote:
> >  Cool that the VIA chips have the crypto engine too
> > which may be able to accelerate VPN and enable
> > more simultaneous tunnels.
> 
> Current stable version of m0n0 does not utilize this hardware.  There is a Linux
> driver.  Anyone know if FreeBSD 6 supports the VIA crypto hardware?

I can't answer the FreeBSD question, but I recently got a VIA C7 box to
build a low-power linux server. Recent linux kernels do have built-in
support for the padlock crypto hardware, but I'm not sure how much use
that is in real life (I guess it gives you a fast /dev/random?), as
openssl has to be rebuilt to get hardware crypto support, and similarly
for the applications that use it (openssh etc). It's not quite as
trivial as I'd hoped!

There are some fairly inexpensive barebones systems around based on VIA
C3 and C7, eg:

ASUS C3 system: http://www.newegg.com/Product/Product.asp?Item=N82E16856110056

MSI C7 system: http://www.newegg.com/Product/Product.asp?Item=N82E16856167012

Neither of these directly suitable for m0n0wall as they only have one
onboard NIC, but they do have a PCI slot. The ASUS box in particular is
amazingly cheap. My assumption was that from a respectable
manufacturer, the quality of PSU etc shouldn't be too bad. I don't know
if that assumption is warranted, but the MSI box seems pretty decent.

Graham