| ▲ | Avamander 17 hours ago | ||||||||||||||||
Mikrotik's hardware often can't even do linespeed beyond basic switching, not to mention VPN, so yeah. | |||||||||||||||||
| ▲ | renewiltord 12 hours ago | parent [-] | ||||||||||||||||
I meant the comments. Sadly I've linked the wrong permalink and confused everyone. > > > I see. I'll terminate at the Ryzen 7950 box behind the router and see what I get. > > That will still be a no. Outside of very specialized solutions this level of the performance is not available. It is rarely needed in real life anyways. Only small amount of traffic neess to be protected this way; for everything else point to point protection with ssh or tls is adequate. I studied different router devices and most (ipsec is dominant) have low encryption truoughput compared to routing capabilities. I guess that matches market requrements. > It looks like I can get 8 Gbps with low CPU utilization using one of my x86 machines as terminal. This is pretty good. Don't need 10 G precisely. 8G is enough. I've done precisely this so easily. I just terminate the WG at a gateway node and switch in Linux. It's trivial and throughput can easily max the 10G. I had a 40G network behind that on obsolete hardware providing storage and lots of machines reading from that. Reading that thread was eye-opening since they should have just told him to terminate on the first machine behind. Which he eventually did and predictably worked. | |||||||||||||||||
| |||||||||||||||||