Date: Sat, 10 Oct 2009 23:03:15 +0800 From: Siquijor Philips <siquijorphilips@gmail.com> To: Jack Vogel <jfvogel@gmail.com> Cc: pyunyh@gmail.com, freebsd-net@freebsd.org, freebsd-drivers@freebsd.org Subject: Re: intel 82576 ipsec offload? Message-ID: <a27b90e40910100803r3290cd10ldb983919bf9dfb35@mail.gmail.com> In-Reply-To: <2a41acea0910091117q6cfab252sa8d5dfcf0182b660@mail.gmail.com> References: <a27b90e40910072224q2a79cbd9k2f789cb6d1513157@mail.gmail.com> <20091008174521.GE3843@michelle.cdnetworks.com> <a27b90e40910082114q6e4faa7ai3553e37d449ae2db@mail.gmail.com> <2a41acea0910091117q6cfab252sa8d5dfcf0182b660@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Oct 10, 2009 at 2:17 AM, Jack Vogel <jfvogel@gmail.com> wrote: > I am Jack, the network engineer at Intel responsible for all FreeBSD wired > lan drivers. Hi Jack! Thanks for introducing yourself since I am new to this mailing list :-) > This is the first I've seen about this. Our understanding was that the > infrastructure needed > to do IPSec was not available for either Linux or FreeBSD, can you please > explain things? > Yes, basically I am implementing an IPsec infrastructure to our network. Our network is composed of a main office and 3 branch offices to be linked over VPN. I'm using both FreeBSD and Windows platforms. Our FreeBSD (7.1-Release) platforms comprises the 4 firewall/gateways (which should be also our VPN concentrators) as well as our mail server (7.1-Release). The Windows platforms comprises the local/remote clients (FreeBSD/Windows XP/Vista) and the Active Directory server (Windows Server 2008). Since our 4 FreeBSD perimeter firewall/gateways are currently processing big amount of traffic, so I have decided to buy these Intel NICs with IPsec offloading just to make sure it can carry out the current traffic processing. Aside from that, our local and remote FreeBSD clients will also be configured on transport-mode IPsec sooner because these clients are also network intensive hosts. So, from here I really wanted to have the IPsec offloading be available to my NICs since I intend to buy these as its primary purpose. > If everything is there except the support in the driver then I might be able > to add that to > my queue. > Yes, please because I really need to have my IPsec infra working sooner. Thank you so much! Siquijor > Cheers, > > Jack > > > On Thu, Oct 8, 2009 at 9:14 PM, Siquijor Philips <siquijorphilips@gmail.com> > wrote: >> >> On Fri, Oct 9, 2009 at 1:45 AM, Pyun YongHyeon <pyunyh@gmail.com> wrote: >> > On Thu, Oct 08, 2009 at 01:24:20PM +0800, Siquijor Philips wrote: >> >> Hi, >> >> >> >> I got a dual-port Intel Gigabit NIC with 82576 (ET) chipset >> >> http://www.intel.com/Assets/PDF/prodbrief/320116.pdf. It has a feature >> >> on IPsec offloading but it only mentioned Microsoft Windows 2008 and >> >> Vista servers. I wonder if FreeBSD have also support on this feature? >> >> >> > >> > AFAIK it's not yet, not sure whether Jack has plan to implement the >> > offloading. I know old Intel i82550 also supported IPSec offloading >> > but Intel didn't release required information to implement it. 3Com >> > also supported IPSec offloading in their 3XP hardwares(txp(4)) but >> > the offloading was not implemented. >> > >> >> Hi Pyun, >> >> Thanks for your info! By the way, who is Jack? Is he the author of >> this driver? I really need to have this feature usable on the driver. >> I bought these NICs with 82576 chipset for the purpose of implementing >> IPsec in my network and my current FreeBSD servers could benefit it. >> Just really thought it has support because FreeBSD was already part of >> the supported operating system. I was alerted when I've re-read the >> product info document again that it only support Windows 2008 and >> Vista platforms. Now, I've confirmed that with the current existing >> driver. I hope this guy has the plan of implementing it sooner because >> I really need it. >> >> Thanks, >> Siquijor >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a27b90e40910100803r3290cd10ldb983919bf9dfb35>