Build Your Own Router/Firewall Discussion Thread - Page 2 - Canadian TV, Computing and Home Theatre Forums
 1Likes
Reply
 
LinkBack Thread Tools Search this Thread Display Modes

post #16 of 26 (permalink) Old 2017-08-03, 06:00 AM
Rookie
 
Join Date: Jul 2017
Posts: 5
on next build of pfsense your hardware needs aes-nl support or you can't upgrade to it .
even netgate has an upgrade out due to this.
I have a i72600k here I'd like to use if I don't upgrade and use my 8320 in a proxmox server and go vm for pfsense.
thats if it's the motherboard thats bad on the i7 and not the cpu
modd is offline  
Sponsored Links
Advertisement
 
post #17 of 26 (permalink) Old 2017-08-03, 06:51 AM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,838
What's aes-nl?

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #18 of 26 (permalink) Old 2017-08-03, 11:58 AM Thread Starter
Veteran
 
Join Date: Jun 2011
Location: 43° N, 81.2° W
Posts: 7,773
AES-NI

Does that mean that PFSense will only work on Intel processors? If so, it's a serious limitation. It means that PFSense will only work on expensive Intel hardware that is overpowered for home and SOHO use.
ExDilbert is online now  
 
post #19 of 26 (permalink) Old 2017-08-03, 12:14 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,838
^^^^
My firewall is a refurb computer with an AMD CPU. If that's required, then I won't be able to upgrade. Also, I'm frequently on the pfSense forum and haven't heard this mentioned there.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #20 of 26 (permalink) Old 2017-08-03, 01:54 PM Thread Starter
Veteran
 
Join Date: Jun 2011
Location: 43° N, 81.2° W
Posts: 7,773
I've seen the mention of AES in hardware being an advantage for real time encryption or decryption but never heard of it being required. It can be done in software if hardware is not available.
ExDilbert is online now  
post #21 of 26 (permalink) Old 2017-08-03, 02:21 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,838
^^^
Just like in the old separate math co-processor days. The Intel 8086 & 8088 CPU had the 8087 math processor. If one wasn't installed, then software had to be used. This continued up to the 386 CPUs. IIRC, the 486DX had a built in math processor, but the 486SX didn't.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #22 of 26 (permalink) Old 2017-08-05, 05:03 PM Thread Starter
Veteran
 
Join Date: Jun 2011
Location: 43° N, 81.2° W
Posts: 7,773
Here is a link to AES instruction set support in Intel and AMD processors. I was mistaken in thinking that AES-NI was only supported by Intel. AMD also has extensive support for AES, though search results for AES-NI seem to predominantly return Intel links.

If anything, AMD appears to provide better support for AES-NI as Intel leaves AES-NI out of many of it's cheaper CPUs such as Core i3, Pentium and Celeron. Those are the type low power CPUs that I would want for a pfSense or OPNSense router. That makes hardware choices even more difficult as Intel network hardware preferable. I'm glad I built the box I did as prices have gone up and options become more limited since then.
ExDilbert is online now  
post #23 of 26 (permalink) Old 2017-10-09, 09:45 PM
Rookie
 
Join Date: Jul 2017
Posts: 5
it's a encryption for use with vpn's and a standard must have on pfsense after 2.3.4 so 2.5 etc

no certain amd cpus and arm i think support it

heres a link to pfsense and the 2.5 release:
https://www.netgate.com/blog/pfsense...nd-aes-ni.html

Last edited by 57; 2017-10-09 at 11:32 PM. Reason: No need for 3 different posts.
modd is offline  
post #24 of 26 (permalink) Old 2017-10-10, 06:52 AM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,838
^^^^
FWIW, yesterday I tried an experiment. I have OpenVPN configured between my notebook computer and firewall. With my notebook connected to my local network, I ran speedtest.net and verified it was going through the VPN. I could not notice any difference between using the VPN or not. Any difference was within the normal variation for speedtest.net. I run pfSense on a HP 5150, with 4 GB of memory.

Incidentally, I have a 60/10 package from Rogers and generally get mid 70s down and 11 up, but yesterday I was getting almost 100 Mb down.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #25 of 26 (permalink) Old 2017-10-10, 06:45 PM
 
Join Date: Mar 2007
Location: Guelph
Posts: 1,033
^^^ That's interesting. I have Rogers 100 and usually get 130 or so but this weekend I saw nearly 200 via the Xfiniti speed test using IPV6. I'll check every couple of days to see if it holds up like that.


Sent from my iPad using Tapatalk HD
timlocke is online now  
post #26 of 26 (permalink) Old 2018-03-12, 02:42 PM
Rookie
 
Join Date: Jul 2017
Posts: 5
How do you get the iptv to work with this setup?
Did you bridge the t3200m and use port 1 to be your wan feed and then go out from your Lan with the 4 ports on the pfsense box??
Do you have your piktv box hard line or wifi???
modd is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Canadian TV, Computing and Home Theatre Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in













Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome