At 08:41 AM 03/08/2004, Norikatsu Shigemura wrote: >Hi sam! > > I have two Soekris vpn1401 crypto accelerator cards. I installed > these to 4-stable machine and 5-current machine. Hi, Not all things are accelerated in openssl. Also depending on the CPU you use, it wont be faster and might even be slower. Where you really win is with concurrent jobs. In our app, our backup server takes several ssh streams of dump and tar. The P4 2.4 keeps up just fine even when 50Mb/s of traffic is coming in with the card, but is too taxed without it. Try the following tests Create a test file first dd if=/dev/urandom of=/tmp/big bs=1024k count=100 time /usr/bin/openssl enc -des3 -in /tmp/big -out /dev/null -k test with and without acceleration. The contrast is even greater, if you run /usr/bin/openssl enc -des3 -in /tmp/big -out /dev/null -k test & /usr/bin/openssl enc -des3 -in /tmp/big -out /dev/null -k test & /usr/bin/openssl enc -des3 -in /tmp/big -out /dev/null -k test & and watch the load avg and the time to completion. You can compile the program /usr/src/tools/tools/crypto/hifnstats.c which will spit out simple stats about the card. If you are using one of the newer HiFn cards, it will work with aes256 as well as des3. One caveat is that with the newer cards, I keep running into a fairly easily repeatable bug. (perhaps 2). On OpenBSD and FreeBSD I run into http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=3739 And this one is new and might be relevant to the FreeBSD driver as well http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=3873 There is also http://www.monkey.org/openbsd/archive/misc/0408/msg00008.html ... Not sure if its applicable or not yet. ---MikeReceived on Tue Aug 03 2004 - 13:17:45 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:04 UTC