[Commotion-admin] [commotion-openwrt] Extend ad-hoc security via TLS tunnels on mesh backend (#25)
Ben West
notifications at github.com
Wed Sep 11 16:51:47 UTC 2013
Would these tunnels be intended to transport all AP traffic from repeater nodes back to gateways, or just for select traffic? If the former, I would recommend keeping an eye on the performance impact of enclosing AP traffic in encrypted tunnels, as the nodes only have 400MHz of CPU and 32MB of RAM. Commotion-OpenWRT already uses significant RAM on the device, so there may be suboptimal memory left to support substantial tunnel traffic.
Also, the 24kc MIPS CPU on the ar71xx platform does provide limited hardware acceleration for SSL encryption in the openssl library, specifically SHA1, SHA256, and AES, if there are tunneling applications which use that. This could substantially reduce the burden of such tunnels on the embedded CPU.
https://dev.openwrt.org/changeset/33531/trunk/package/openssl/Makefile
Measuring SSL performance is actually pretty simple with "openssl speed" command.
http://wiki.openwrt.org/inbox/benchmark.openssl#enable.hardware.acceleration
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/commotion-openwrt/issues/25#issuecomment-24256596
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20130911/2d166016/attachment.html>
More information about the Commotion-admin
mailing list