From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lakermmtao05.cox.net (lakermmtao05.cox.net [68.230.240.34]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j3O8Bq6p032283 for ; Sun, 24 Apr 2005 08:11:53 GMT Received: from [192.168.42.40] (really [68.227.217.200]) by lakermmtao05.cox.net (InterMail vM.6.01.04.00 201-2131-118-20041027) with ESMTP id <20050424081157.FYFF13442.lakermmtao05.cox.net@[192.168.42.40]> for ; Sun, 24 Apr 2005 04:11:57 -0400 Message-ID: <426B54CC.5090404@bohme.org> Date: Sun, 24 Apr 2005 04:11:56 -0400 From: Paul Bohme User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050329) X-Accept-Language: en-us, en Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-embedded@gentoo.org Reply-to: gentoo-embedded@lists.gentoo.org MIME-Version: 1.0 To: gentoo-embedded@lists.gentoo.org Subject: Re: [gentoo-embedded] Gentoo Embedded Linux on Linksys Blue Boxes References: <1114274566.13712.38.camel@mpascual.qsr.com.ph> <1114282151.28172.33.camel@localhost> <1114311734.13185.15.camel@mpascual.qsr.com.ph> <20050424083249.0d3da11f@beech.glades.net> <1114325337.13448.15.camel@mpascual.qsr.com.ph> In-Reply-To: <1114325337.13448.15.camel@mpascual.qsr.com.ph> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 7527a3d0-0998-43b1-ad42-2ef81e514758 X-Archives-Hash: e8dff0643b5ff14cdf76c1ab13a25b71 Linux GNUbie wrote: >On Sun, 2005-04-24 at 08:32 +0200, Daniel Armyr wrote: > > >>I am not too familiar with VPN, but as I understand it, it is pretty much only a convenient way to tunnel all traffic through an encrypted pipe. Would a benchmark using an ssh-tunnel give sufficiently relevant results? >> >> > >I have friends that told me that the hardware specs of the Linksys >BEFSR41 or WRT54G cannot support the VPN client service simply because >of the encryption/decryption process that needs more processing power >and physical memory. > The WRT54GS has 8MB of flash, btw, and (IIRC) 32MB of RAM (I have one on the desk next to me, would have to check.) The extra flash makes it a bit roomier to hack on. I'm (slowly) getting it set up to replace a machine at work that we use to bridge a couple of networks. I did some googling and came up with: http://martybugs.net/wireless/openwrt/openvpn.cgi ----(snip)---- Performance Testing Network Architecture This WRT is connecting to an 802.11b Minitar MNWAPB access point, and hence is restricted to 802.11b 11Mbps speeds. The throughput was measured by using wget to retrieve a 3MB file over the wireless link. Initial tests were performed during setup, when the WRT was physically located close to the Minitar access point, so the WRT was associated to the Minitar with a link rate of 11Mbps. The tests were repeated once the WRT was installed at the client site, with similar results. Throughput Without VPN Throughput over the wireless link between the WRT and the Minitar was tested at approximately 600 kbytes/sec (ie, typical for an 802.11b wireless link). Throughput With VPN Once the VPN tunnel was established, and all traffic routed through it, the tests were repeated. Throughput dropped to approximately 300 kbytes/sec. The major cause of this slow-down is the CPU in the WRT, as it needs to encrypt and decrypt all the traffic that is passing through the VPN tunnel. This can be observed by monitoring the CPU usage on the WRT while transferring large amounts of traffic through the VPN tunnel - the OpenVPN process consumes 99% of the CPU during this time. The slow-down caused by the VPN tunnel is acceptable in the situation I'm using the WRT. If this isn't the case, the throughput of the VPN tunnel can be increased by moving the VPN termination from the WRT onto a faster device (ie, a linux router) behind the WRT. ----(snip)---- So there's at least one test, but as usual YMMV. -P -- gentoo-embedded@gentoo.org mailing list