[SLL] WRT54GL --> wireless to wired repeater?

Robert Woodcock rcw at blarg.net
Fri Dec 26 12:35:27 PST 2008


On Fri, Dec 26, 2008 at 02:36:23PM -0500, Jarod Wilson wrote:
> I'd wager most vpn traffic deals in smaller-sized payloads to encrypt,
> and with smallest chunk size there, blowfish does appear to be around
> 50% faster than AES.

Except that the smallest packet you are likely to encapsulate is 41 bytes
(20 byte IP header, 20 byte TCP header, 1 byte data). Endpoints should be
using Nagle to reduce these, as their overhead even before VPN encapsulation
is 40x.

What's going to make your router work harder? A few 60-byte packets per
second while you're typing in an ssh session, or a multimegabit stream of
1500-byte packets for a file transfer?

Small packets are used for interactive/latency-sensitive stuff, such as
remote terminal/remote desktop protocols, gaming, and VoIP. Generally you
aren't going to fill a pipe (and therefore a CPU) with this unless you have
lots of users all doing this kind of stuff across the same routers at the
same time.

If you do find yourself in that scenario, you need to buy beefier equipment
and *more bandwidth* for those users than you'd ordinarily think you'd need -
the effect described here will definitely apply to you:

http://www.formortals.com/Home/tabid/36/EntryID/57/Default.aspx

Also, a good rule of thumb is, if a user thinks performance on something
sucks, you'll need to at least double performance to get them to notice an
improvement. Therefore it can be very damaging to an IT budget to not keep a
positive attitude about your systems when you're talking to users - it's a
very fine line to walk between joining their chorus of complaints vs.
appearing insensitive to their problems.
-- 
Robert Woodcock - rcw at blarg.net
"And then maybe then I'll achieve the end of this exercise, but really if
we're all going to be honest with ourselves, I have to admit that achieving
the end of the exercise was never the point of the exercise to begin with,
was it?"
	-- Adam Savage