On Fri, 10 May 2002, Ben Lutgens wrote: > how much overhead does the IPSEC add to the communication between > client and server? Is it negligible? I would think it would be. What > about the server end, does it need to be a real ass kicker or what? Not a whole lot - around 5-10%, IIRC. On the server side, it all depends on what you want. To run IPSec over a 100baseT connection, yeah, you need a pretty sweet box. Check out: http://www.freeswan.org/freeswan_trees/freeswan-1.95/doc/performance.html About halfway down the page, there's a table that shows the mbit/s, and what type of box you'd need to service it. Note that this assumes 3DES encryption -- there are patches for FreeS/WAN that support AES, and get about double the throughput. -- Nate Carlson <natecars at real-time.com> | Phone : (952)943-8700 http://www.real-time.com | Fax : (952)943-8500