Hi,

I try to get the hardware-cryptoaccelerator working on the my ASUS WL-500G Premium V1.

I used recent trunk (r15049) with kernel 2.6, enabled ubsec_ssb and used the patched openssl-package from www.danm.de (2/22/09), and set "force use of ocf".

the kernel-modules loads just fine, and if I test openssl (openssl speed -engine cryptodev -evp aes-256-cbc) I get good results, so openssl is working with the hardware, but with openvpn I don't get any performance increase. I added "engine cryptodev" to /etc/config/openvpn and I can see in the log, that the engine is initialized, but I only get 450-500 kByte/s with aes-256-cbc encryption.

Is there someone, who has a working setup?

Do I need to patch openvpn too?
or does it use the cryptohardware but something else is the bottleneck? I don't know memory-bandwidth, or something?

I'm also interested in getting hardware crypto to work with OpenVPN on the WL500GP.

Any update on this?

I am working on this same issue with the Router Station Pro.... anyone get this working yet?

I am using the Soekris VPN1411 and a RS Pro main unit

I got it working using the ocf hifn driver. Hoewever the user-to-kernel and kernel-to-user copying of packets (context switches) is the bottleneck. The OpenVPN speed gets capped long before the crypto accel would make a difference. Its only useful for pure Kernel based VPNs like IPSec or L2TP.

I can confirm that the Soekris VPN1411 crypto hardware works with the OCF HiFn drivers. OpenVPN and IPsec.

(Last edited by Dogge on 4 Aug 2010, 12:06)

which hifn driver are you using? kmod-crypto-ocf-hifn7751 or the kmod-crypto-hw-hifn-795x?

Thanks for the responses!

"ocf hifn" -> kmod-crypto-ocf-hifn7751