[ale] Router Recommendations?

Alex Carver agcarver+ale at acarver.net
Sat Feb 11 04:11:19 EST 2017 

On 2017-02-10 23:32, dev null zero two wrote:
> that's very little traffic.. I'd be surprised if any rpi could do even 100 Mb/s 
> with any aes based VPN.
> 
> Sent from my mobile. Please excuse the brevity, spelling, and punctuation.
> 
> On Feb 11, 2017 2:29 AM, "Alex Carver" <agcarver+ale at acarver.net 
> <mailto:agcarver%2Bale at acarver.net>> wrote:
> 
>     On 2017-02-10 20:29, Derek Atkins wrote:
> 
>      > I'm not worried about VPN capacity, per se.  I certainly don't expect any
>      > VPN'ed client to fully use 1gbps!  I dont even expect it to use 500mbps.
>      > My VPN concern would be CPU usage if there's not AES-NI, but even 10mbps
>      > VPN would, IMHO, probably be good enough.  But that's not the primary
>      > goal; the primary goal is 1gbps NAT.
> 
>     I run OpenVPN on a Raspberry Pi 2 behind my router (currently a Linksys
>     running OpenWRT).  Other than the initial handshake taking about 10
>     seconds (I have an extremely large key) it's been fast enough to handle
>     four IP camera feeds (5-10 fps 640x480), a VNC session (via SSH tunnel)
>     plus some web traffic all simultaneously without a glitch.  Anything
>     bigger than the RPi2 will probably not even notice.
> 

It's close enough to the 10 Mbps that Derek considered "good enough."  I
just used a speed tester on my phone and got 4.4 Mbps download and 3.1
Mbps upload taking the path from phone through VPN to my RPi and then
back out to the Internet.  My DSL line is acting up tonight so there's
some delay there.  I also did an scp file transfer from one of my
machines to the phone via the VPN and have a sustained rate of 3.5 Mbps.
 A speed test of my DSL line using one of my machines is showing
approximately the same speed so my tests are basically maxing out my
modem at the moment.

OpenVPN is configured to use TLS with AES-256-CBC cipher.  OpenVPN is
using a long RSA key (>4096 bits) in its certificate and auth keys and
sshd is also using a long RSA key (>4096 bits) and ed25519 keys.

More information about the Ale mailing list