Hi all,

I got to tinkering with my first net4801(Combios v1.24) today.  I
installed 1.1b16 on it, and from a factory default stage, did the
following:

-Setup an inbound NAT on port 5001 for ttcp
-Setup an IPSec tunnel from the 4801 to my Gentoo desktop
  (enabled and disabled accordingly)

Compare my results to Manuel's found at
http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=62&actionargs[]=57

Raw throughput numbers without IPSec:

no IPSEC		38.53/41.49

I have no idea why my numbers are so much higher than Manuel's, as there
really isn't any difference between my setup and his (except m0n0wall
version).  Manuel, have there been any networking or kernel changes
since you've run your tests?  For those thinking that it might be the
difference between ttcp and iperf, I also ran the same tests on a
Net4501, and my numbers were always within .1 Mbit/sec of his.

Now, onto the Net4801 with a VPN1211 in it.  My initial results were
just as disappointing as Manuel's:

vpn1211
--------------------
3des-sha1		2.70/2.68

That sucks.  So I got to tinkering.  I was wondering if the IRQ sharing
was mucking with things.  Just for lack of anything better to do, I
brought up sis2 by doing a '/sbin/ifconfig sis2 up' from exec.php. 
Let's just say the results were encouraging:

vpn1211 after '/sbin/ifconfig sis2 up'
--------------------
3des-sha1		11.27/11.09

Can anyone else verify that this works for them?

If this fixes the issue, are there any reasons why we wouldn't want to
bring up all interfaces on boot (even if there's no configuration)?

Thanks,

Justin
-- 
Justin Ellison <justin at techadvise dot com>