Please remove all the tracking from your link. Everything from the ? onwards.
1 Like
Is this something that needs to be done for all standard motherboards?
It’s more a question of the processor. The CPU should support AES-NI or RDRAND, in which case you don’t need this extension. What do I mean by “need”?
I would recommend it.
In the past, there was an entropy display in the Ipfire, a TRGND acted as a booster. Newer CPUs actually all support AES-NI.
Its not that great of a deal considering for a few bucks more you can get this mini pc board in a case with power supply, heat sink and ram.
I’ve been thinking about testing these Ryzan mini PCs for other uses, but I imagine you could use it at a router that would work just as good as most of the mainstream routers.
Hot i/o is where you have to focus on in this application just like gamers look at frames per second.
I would look for a computer that was more designed for networking like this one: Amazon.com: Supermicro Superserver E300-9D-4CN8TP Intel Xeon D-2123IT Networking PC w/ 2X SFP+, 2X 10GbE LAN, 4X GbE LAN, IPMI : Electronics
In the future when I replace my ageing AMD3 FX6600 PC, I am going to replace it with one of these Supermicro PCs designed for networking like the one in the link.
My current setup is a 1920x threadripper. I have 4 10gb sfp+ INTEL X520-DA2 based ports and 1 INTEL I226-V. I am looking to reduce power requirements and keep decent CPU power.
1 Like
Hi All.
This isn’t as necessary anymore. Since Linux 5.10 and IPFire CU169, the kernel now uses elliptic-curve cryptography to enhance RNG. If your CPU has built-in RNG functionality (you can check this on your FireInfo page), it should provide sufficient entropy for most setups. For typical firewall and VPN use, this will generally be enough.
If you’re running many VPN connections or handling other encryption-heavy tasks, an external hardware RNG could still improve performance by supplying additional entropy. But for standard configurations, the updated kernel’s RNG should be more than adequate.
Thanks,
A G
2 Likes
as a stop gap measure, you could get rid of the gaming card and drop in a low end video card because you just need basic video on ip fire and the minimum requirement so the machine posts. And replace the power supply to a 350W gold rated one.
The threadripper is a general purpose procesor that is tuned more for multi threading. Since ipfire doesn’t have any and disables hypertheading there are about 1000 other processors that would perform equal to or better than because the application of the machine is a single thread system.
A Xenon E is more equivalent to the threadrippers, But the Xenon D out beats them in this application because it has a higher memory bandwidth and lower latency i/o.
So the Xenon equivalent to run ipfire with the same performance would be a Xenon D-1702. A 25W processor. But it would be easier to get faster chips running at 45-60W.