From owner-freebsd-security@FreeBSD.ORG Thu Apr 8 11:58:33 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7B99716A4CF for ; Thu, 8 Apr 2004 11:58:33 -0700 (PDT) Received: from seven.Alameda.net (seven.alameda.net [64.81.53.71]) by mx1.FreeBSD.org (Postfix) with ESMTP id 53A7343D49 for ; Thu, 8 Apr 2004 11:58:33 -0700 (PDT) (envelope-from ulf@Alameda.net) Received: by seven.Alameda.net (Postfix, from userid 1000) id 23B023A201; Thu, 8 Apr 2004 11:58:33 -0700 (PDT) Date: Thu, 8 Apr 2004 11:58:33 -0700 From: Ulf Zimmermann To: "Michael W. Lucas" Message-ID: <20040408185832.GS89845@seven.alameda.net> References: <6.0.3.0.0.20040408102521.0948ea58@209.112.4.2> <26215.1081434517@critter.freebsd.dk> <20040408144322.GA83448@bewilderbeast.blackhelicopters.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040408144322.GA83448@bewilderbeast.blackhelicopters.org> User-Agent: Mutt/1.4.1i Organization: Alameda Networks, Inc. X-Operating-System: FreeBSD 4.8-RELEASE-p5 cc: Poul-Henning Kamp cc: security@freebsd.org Subject: Re: recommended SSL-friendly crypto accelerator X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: ulf@Alameda.net List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Apr 2004 18:58:33 -0000 On Thu, Apr 08, 2004 at 10:43:22AM -0400, Michael W. Lucas wrote: > On Thu, Apr 08, 2004 at 04:28:37PM +0200, Poul-Henning Kamp wrote: > > >>Look at VPN14x1 from www.soekris.com, it's darn cheap too. > > Thanks, phk! > > For $79, it's cheap enough that I could put a whole stack of them in a > machine. Can FreeBSD take advantage of multiple cards like that? > > (Yes, that's a serious concern; I'm looking at 15,000 simultaneous > users on a SSL Web site, and would prefer to avoid spending the big > bucks on a so-called "hardware SSL accelerator.") > > ==ml > > -- > Michael Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org > A cheap solution would also be to buy used Alteon iSD-100, they go for like $100-300 on ebay. Each can handle 7,000 connections and you can put together a cluster of 32 of them. I personal do like them although they are based on LinSux. Haven't tried to get FreeBSD on them (its an industrial cpu board with a 64MB compact flash). -- Regards, Ulf. --------------------------------------------------------------------- Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-865-0204 You can find my resume at: http://seven.Alameda.net/~ulf/resume.html