[SLL] WRT54GL --> wireless to wired repeater?
Jarod Wilson
jarod at wilsonet.com
Fri Dec 26 12:58:40 PST 2008
On Dec 26, 2008, at 3:35 PM, Robert Woodcock <rcw at blarg.net> wrote:
> On Fri, Dec 26, 2008 at 02:36:23PM -0500, Jarod Wilson wrote:
>> I'd wager most vpn traffic deals in smaller-sized payloads to
>> encrypt,
>> and with smallest chunk size there, blowfish does appear to be around
>> 50% faster than AES.
>
> Except that the smallest packet you are likely to encapsulate is 41
> bytes
> (20 byte IP header, 20 byte TCP header, 1 byte data). Endpoints
> should be
> using NAGLE to reduce these, as their overhead even before VPN
> encapsulation
> is 40x.
Gah, sorry, comprehension-failure on my part. 16 byte payloads would
indeed be ridiculously small...
> What's going to make your router work harder? A few 60-byte packets
> per
> second while you're typing in an ssh session, or a multimegabit
> stream of
> 1500-byte packets for a file transfer?
In that case, yeah, blowfish and aes should be comparable. Its mostly
just 3des that universally blows chunks and slaughters itty-bitty
cpus. :)
--jarod
More information about the linux-list
mailing list