Ok, so my understanding on the Intel QuickAssist is that it is not currently implemented in pfSense. Is that correct?
Yes this is the fact as I am right informed.
And, are you telling me that once it is implemented, it would be a great help to throughput based on the setup I am planning to use?
No, what I was trying to tell you that it will be perhaps having no, absolutely, no effect
I'm sure this is the million dollar question, but do you know when it is planned to be implemented?
This even the developer team is knowing and not us, it can be that in that last second
they throw it away or that we will see it in the version 2.4 or 3.0, only they know it really.
Also, are you saying that given the setup I mentioned, AES-NI will not be of any help to me?
For you or not, but not for OpenVPN as I see it right.
Are you saying that throughput could be accomplished only with AES-NI & Intel QuickAssist
NO, I was only telling you that there is someone who has a SG-4860, 1 GBit/s Internet connection
and he was able to archive 500 MBit/s throughput with AES-NI over IPsec VPN!
or are you saying that with the SG-4860 I could get those numbers even without those technologies?
Once more again, no! I was saying that the SG-4860 unit is able to archive ~500 MBit/s
of throughput together with AES-NI and IPsec VPN, nothing more and nothing less.
Thank you for your feedback and for your other suggestions, but in regards to some of your other suggestions, the type of VPN I am using(PIA) with the previously stated security levels, those are things that are givens and will not change. So, with that in mind, I am trying to find the best pfSense appliance given my current throughput/performance needs.
Then better go with an Intel Xeon E3-12xxv3 @3.0GHz (Quad Core CPU) and you will
be sorted right! Nothing you can´t do or realize and more power saving then the Intel
Core i3,5,7 CPUs. So you may not be pressed in the future to buy new hardware.
Take a 2 or 4 Port Intel PT Server NIC that is using the em driver in pfSense and
all will befine for a long time! You might be also able to install Snort, Squid & SquidGuard,
pfBlockerNG and tinyDNS or what ever and all will be running fast for you.
- 2 GB RAM = pure firewall & VPN
- 4 GB RAM = firewall, VPN, Snort, pfBlockerNG
- 8 GB RAM = firewall, VPN, Snort, pfBlockerNG, Squid and mbuf size to 1mio