[Openswan Users] Openswan on OpenWRT

[Ferdinand O. Tempel]

On Wed, 2004-11-10 at 23:11 +0100, Jacco de Leeuw wrote:
> I've been thinking of having a go at it, perhaps getting L2TP/IPsec running
> on it but I'm wondering:
> 
> - Would the WRT54G(S) be fast enough for VPNs? Linksys is also selling
>    the WRV54G with IPsec support for $100 more. Is that just a scam?

I've done some crude performance measurements, which you can find in the
list archives somewhere. It rather depends on your needs, but don't
expect miracles. 3DES seems to be stuck at ~1.5mbps, AES gets to about
2.5mbps. That was with a single tunnel though, adding more tunnels
likely decreases performance due to overhead. This device is not a speed
monster, but it might be sufficient for purposes like remote access to a
corporate network from home. I don't know the details of the device you
mention. I don't think it neither uses the same hardware nor that it
runs linux. But I could be wrong.

> - I think I read somewhere that the wireless driver (Broadcom?) is
>    closed source which would mean you're stuck with a certain kernel
>    version. Is that true?

Yes. There are rumours that this module can be used with other kernel
versions too, even 2.6, with some additional glue code. But alas, I
haven't seen any examples of that yet, so I take it with a grain of salt
until I do. This is one of the more annoying points of the code release
of Linksys, though at least they actually did release most of it.

> - There are Linksys clones with USB ports. Would USB be important enough
>    to get one of these clones instead?

That is a hard question, as I don't know what you would want to use USB
for. Adding USB storage would increase the amount of room you have to
store software and such on, but then again, it's a router, not a file
server.
-- 
Regards,

Ferdinand O. Tempel

Your friendly neighborhood linuxops.net administrator.