Date: Tue, 11 Oct 2005 23:18:49 -0400 From: Mike Tancsa <mike@sentex.net> To: Oliver Fromme <olli@lurza.secnetix.de> Cc: freebsd-net@freebsd.org Subject: Re: VIA VT6103 support (VIA EPIA PD) Message-ID: <7hnok1p8bnvjrdps7273k20d0fi8ia8jkj@4ax.com> In-Reply-To: <200510110914.j9B9Elct092758@lurza.secnetix.de> References: <05kfk11pk1o960o0bro2lr7d7jhi5l28et@4ax.com> <200510110914.j9B9Elct092758@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 11 Oct 2005 11:14:47 +0200 (CEST), in sentex.lists.freebsd.net you wrote: >Mike Tancsa wrote: > > [ Oliver Fromme wrote: ] > > > It has survived several buildworlds and network activity > > > without any problems. It's now running today's 6.0-BETA5. > > > Here's a copy of dmesg, if someone's interested: > > >=20 > > > http://www.secnetix.de/~olli/dmesg/epia.6.0-BETA5.txt > >=20 > > IF you use FAST_IPSEC, load the padlock.,ko as it makes a nice speed > > boost! Also, you will need to use the patch in > > http://www.freebsd.org/cgi/query-pr.cgi?pr=3Di386/86598 > > otherwise you will get the odd SSH problem when using AES > >Sounds cool! I'll give that a try this weekend. >Thanks for the hint. > >However, don't quite understand how things work together. >Is the padlock.ko module used by IPSec only? Or is it >used by OpenSSL, too? Do I have to recompile OpenSSL with >special options? Padlock.ko works with the FreeBSD CryptoDev framework. So things like geil(8) will make use of it as well as anything that uses the cryptodev framework (e.g. FAST_IPSEC). See the docs on cryptodev for more info > >I assume that only AES is supported by the hardware, right? Correct. Not all Via's support it either. The ACE in the CPU features tells you that yours does. >So I have to set up my /etc/ssh/ssh_config to use aes128_cbc >as the first entry in the "Ciphers" line, right? (I've set >it to blowfish by default, because it's faster than aes, >but that's without hardware support, of course.) Yes > >Oh, by the way: What would be an appropriate CPUTYPE for Generally, I have not set it as I have been burned in the past for generally little benefit. >/etc/make.conf for the C3 Nehemiah processor? Currently I >don't set any CPUTYPE at all, but I wonder if there's a >setting for more efficient code generation. According to >the processor information ... > >CPU: VIA C3 Nehemiah+RNG+ACE (1002.28-MHz 686-class CPU) > Origin =3D "CentaurHauls" Id =3D 0x698 Stepping =3D 8 > = Features=3D0x381b83f<FPU,VME,DE,PSE,TSC,MSR,SEP,MTRR,PGE,CMOV,PAT,MMX,FXS= R,SSE> > >.. it supports MMX and SSE, so CPUTYPE=3D"pentium3" should >work, I think. But I'm not sure. > >Best regards > Oliver -------------------------------------------------------- Mike Tancsa, Sentex communications http://www.sentex.net Providing Internet Access since 1994 mike@sentex.net, (http://www.tancsa.com)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7hnok1p8bnvjrdps7273k20d0fi8ia8jkj>