New router
Mar 10, 2007 at 01:51 AM

I was tired of having these annoying problems with PPTP (out of buffer space etc.), so I just changed my primary router from MPD via netgraph to a userland VPN client named vpnc. As I wanted to avoid any problems with the availability of the main services, I used different hardware. I guess that was a good idea.

As a coward, I had a longer test running with a similar configuration on my backup router; I just wasn't happy with the way PPTP worked for me. I also got new hardware, a Supermicro 5013G-i equipped with 512MB RAM and a 3.06GHz Pentium 4, a nice box!

So I replaced the dual Xeon box that calculated the PPTP tunnel with that particular box after having it stress tested for maybe one or two weeks (in fact I don't remember). As I only have two physical uplinks, I configured the new router to dial in until it detects a suitable link, changed the uplink cables and reconfigured the internal routes. Although there were some minor probs with my pf setup (did I ever say I hate NAT?), it should do the job from now on, until it gets broken one day.

I still haven't managed to get a decent and affordable mainboard for the box that is supposed to serve as a primary router (see earlier article); in fact I'm still using my backup router hardware as the secondary router, which kind of reduces my level of redundancy 8-|

So, for the record - under FreeBSD 5.5, UP kernel, a P3 650MHz peaks at ~400kB/s of ESP encapsulated traffic. A Pentium 4 3GHz under FreeBSD 6.2, SMP kernel does a way better job; it reaches ~2000kB/s, which is ok for me. I didn't do the tests with the dual Xeon, because I was too lazy. I wonder (read == doubt) if vpnc is SMP aware, but as soon as I have the replacement board for the main router, I'll post the data.

