On Fri, Feb 23, 2007 at 08:48:24AM -0500, Forest Bond - Logic Supply wrote:
> On Thu, Feb 22, 2007 at 08:43:33AM -0500, Steve Thomas wrote:
> > Cool that the VIA chips have the crypto engine too
> > which may be able to accelerate VPN and enable
> > more simultaneous tunnels.
> Current stable version of m0n0 does not utilize this hardware. There is a Linux
> driver. Anyone know if FreeBSD 6 supports the VIA crypto hardware?
I can't answer the FreeBSD question, but I recently got a VIA C7 box to
build a low-power linux server. Recent linux kernels do have built-in
support for the padlock crypto hardware, but I'm not sure how much use
that is in real life (I guess it gives you a fast /dev/random?), as
openssl has to be rebuilt to get hardware crypto support, and similarly
for the applications that use it (openssh etc). It's not quite as
trivial as I'd hoped!
There are some fairly inexpensive barebones systems around based on VIA
C3 and C7, eg:
ASUS C3 system: http://www.newegg.com/Product/Product.asp?Item=N82E16856110056
MSI C7 system: http://www.newegg.com/Product/Product.asp?Item=N82E16856167012
Neither of these directly suitable for m0n0wall as they only have one
onboard NIC, but they do have a PCI slot. The ASUS box in particular is
amazingly cheap. My assumption was that from a respectable
manufacturer, the quality of PSU etc shouldn't be too bad. I don't know
if that assumption is warranted, but the MSI box seems pretty decent.