Most Secure Router?

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
sdifox

sdifox

No Lifer
Sep 30, 2005
100,332
17,913
126
ChrisKC said:
So if I go this route, what specific hardware should I use? I've reviewed the hardware requirements. I know Netgate sells their own boxes and I found several options on FirewallHardware.it among other sites. I do plan on running OpenVPN and TOR, as well as packages.
Click to expand...


Depends on your pipe. If you have gigabit fiber, you'll want a beefy box.
 
Red Squirrel

Red Squirrel

No Lifer
May 24, 2003
70,592
13,807
126
www.anyf.ca
I've ran pfsense on a pentium 3 before, it was a 1U server I got for free. It struggled to go over 5mbps though, so when I got fibre I got another 1U box that is a core2duo and it does fine.

If actually buying hardware, I think I would look at those Netgate boxes myself. Cheaper than a computer system and will use way less power.

Basically almost any old computer with two NICs should be able to handle it, unless it's REALLY old.
 
sdifox

sdifox

No Lifer
Sep 30, 2005
100,332
17,913
126
Red Squirrel said:
I've ran pfsense on a pentium 3 before, it was a 1U server I got for free. It struggled to go over 5mbps though, so when I got fibre I got another 1U box that is a core2duo and it does fine.

If actually buying hardware, I think I would look at those Netgate boxes myself. Cheaper than a computer system and will use way less power.

Basically almost any old computer with two NICs should be able to handle it, unless it's REALLY old.
Click to expand...


It gets more cpu intensive when you do encryption and dpi
 
Engineer

Engineer

Elite Member
Oct 9, 1999
39,230
701
126
sdifox said:
Depends on your pipe. If you have gigabit fiber, you'll want a beefy box.
Click to expand...

Is there even a platform that can pump 1Gbps through OpenVPN at this point? Seems to max out, from what I've read, at 200-300Mbps on pfsense.
 
M

mv2devnull

Golden Member
Apr 13, 2010
1,526
160
106
AES-NI and MTU. You can use jumbos inside the tunnel. That gives the encryption more data to crunch at a time.
 
sdifox

sdifox

No Lifer
Sep 30, 2005
100,332
17,913
126
Engineer said:
I think I've read that previously. It appears that OpenVPN needs to be rewritten to take advantage of the hardware, IIRC. Not even sure that OpenVPN is multithreaded at this point.
Click to expand...
Single, but you can multi instance it
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom