Re: WLAN access point, IPsec

[Chuck Yerkes <chuck+obsd@2003.snew.com>]

Soeren Kristenson has lovely IPSec accelerators which are great
for these types of machines.



Quoting Thorsten Glaser (tg-v2003@netcologne.de):
> Hello people,
> 
> what "minimum" requirements would a WLAN access point box using
> OpenBSD and a PRISM2.5 card in HostAP mode have, if using no WEP,
> but IPsec?
> 
> Can IPsec use blowfish as cipher safely?
> 
> The box I have here is a Pentium-100, 128 MiB RAM, but it serves
> other purposes as well. I've got about 10 MiB to spend; the CPU
> is usually below 30% used, load avg. between 2 and 4.

> Thanks in advance,
> //Thorsten
> 
> PS: Please don't use my old email addresses at netcologne to answer.
>     I had to nuke them without prior warning (>40 MiB spam per hour,
>     and the poor pentium has to handle it).


> -- 
> [...] if maybe ext3fs wasn't a better pick, or jfs, or maybe reiserfs, oh but
> what about xfs, and if only i had waited until reiser4 was ready... in the be-
> ginning, there was ffs, and in the middle, there was ffs, and at the end, there
> was still ffs, and the sys admins knew it was good. :)	-- Ted Unangst ?ber *fs

Gee, and yet some hardcore people have recognized that FFS was aged
and needed changing.  Thus became softupdates and FFS2 and snapshots.

The joy I had this AM when an fbsd 5.1 host that powered down suddenly
came up and said "/var needs fsck, defering it for later."

FFS1 is built on many assumptions that work really well on 80lb eagle
drives.  Block transfer protocols (like, say, SCSI) change the rules
some too.