This articl e over at linux.com explains how you can set up a pppd link over ssh. Once you have done this, you can then use it together with packet filtering to create a VPN. Basically it goes something like:
Set up an ssh link between two routers A (your local router running Linux or your free operating system of choice with support for SSH and packet filtering) and B (the remote router where the rest of the VPN lives).
Run pppd on top of ssh.
Tell all the other machines in the local area to use A as the router for all addresses within the VPN.
Set up router A with ipchains to forward all connections from the local VPN over the PPP-on-SSH system to router B.
Set up router B (another linux box) to forward all packets from A to their correct addresses on the remote systems.
This should work with all operating systems that support TCP/IP (last time I checked that was most;-), and theoretically should be transparent to the rest of the network at both ends. It's free. You can choose the level of encryption. It's a tad kludgy, but it works. Waleed.
It seems to me that with Linux' hard disk buffering algorithms, this card wouldn't really make much difference from simply putting, say, 4 gigs onto the motherboard. All the useful files would simply be loaded into the buffer on the first load (yes, a once-off performance penalty, but no slower than copying the files from a normal hard disk to a solid state one), and then it would be faster even than RAM sitting way out there on the PCI bus.
On other OSes, perhaps it would be advantageous. But as to the suggestion that it could be used for virtual memory (this was on their Web page!), you have got to laugh. Does it make any sense to anyone? I mean why go through the kernel as a file operation, go through the PCI bus, get the stuff from RAM, bring it back and THEN turn it into a page; rather than using actual RAM?
Has anyone actually done benchmarks on the supposed applications of these things (say, webserving under Linux)? I could find no benchmarks on their web page. It seems to me that it might be 10 or 20 per cent faster, but given that the bottleneck is likely to be the network and not the machine (and besides, it would be better value to simply *upgrade* the machine), why bother?
Slashdot Mirror
- Set up an ssh link between two routers A (your local router running Linux or your free operating system of choice with support for SSH and packet filtering) and B (the remote router where the rest of the VPN lives).
- Run pppd on top of ssh.
- Tell all the other machines in the local area to use A as the router for all addresses within the VPN.
- Set up router A with ipchains to forward all connections from the local VPN over the PPP-on-SSH system to router B.
- Set up router B (another linux box) to forward all packets from A to their correct addresses on the remote systems.
This should work with all operating systems that support TCP/IP (last time I checked that was mostOn other OSes, perhaps it would be advantageous. But as to the suggestion that it could be used for virtual memory (this was on their Web page!), you have got to laugh. Does it make any sense to anyone? I mean why go through the kernel as a file operation, go through the PCI bus, get the stuff from RAM, bring it back and THEN turn it into a page; rather than using actual RAM?
Has anyone actually done benchmarks on the supposed applications of these things (say, webserving under Linux)? I could find no benchmarks on their web page. It seems to me that it might be 10 or 20 per cent faster, but given that the bottleneck is likely to be the network and not the machine (and besides, it would be better value to simply *upgrade* the machine), why bother?