My firewall has been sitting untouched for a good 2 weeks now. Some other projects came up, so I had to put this aside for a little while. But here’s where I’m at.
Everything is assembled and seems to be working great. I did make 1 goof on the hardware. The picoPSU I purchased had 24 pins instead of the 20 pins that I needed. Since I have another use for the 24 pin, I just replaced the 150 watt PSU with the 20 pin 120 watt one. Here’s the final parts list of what I have running:
- Jetway NF76-N1GL-LF- $140
- AD3RTLANG – Jetway 3 x Gigabit LAN Daughter board – $48
- picoPSU-120 + 102W Adapter Power Kit – $65
- M350 Universal Mini-ITX enclosure – $40
- 4GB 40 pin Embedded Disk Card 4000 – $58
- 2GB DDR2 Memory – $28
I’m now currently trying to build my own copy of Vyatta. Basically, I noticed that there were some bugfixes for the Via Nano, as well as support for it’s RNG added in the 2.6.31 kernel. I’m attempting to build Vyatta’s jenner branch with the newer kernel.
Hopefully next week I will have time to start tinkering with my custom Vyatta build again.
I had no idea Via CPUs had built in hardware encryption. Apparently this has been the case for awhile. Of course I discovered this right after I ordered my parts and made my last blog post. After some research, it also appeared that support for it seemed to be built into Vyatta, the firewall distribution I intend to install.
I spent a few days trying to figure out if going with Nano, a single threaded CPU with hardware encryption, would benefit us more than the multithreaded Atom CPU that I originally purchased. I knew the Atom would be a better multitasker than the low powered Via Nano (U2300) I was looking at, but I was always unsure about how much VPN traffic it could push.
I tried looking around for benchmarks, but there wasn’t much useful information out there. I guess people who like to build low energy systems don’t do as much benchmarking as people obsessed with having the fastest gaming rigs. 
It finally occured to me to examine the hardware specs of the appliances that Vyatta sells. I immediately discovered that their Vyatta 514 appliance uses an older 1 ghtz Via CPU. Not only that, but the specs say it can do L3 forwarding at 200Mbps , and VPN forwarding at 113 Mbps (IPSec).
I was sold on moving to the Via CPU with hardware encryption/decryption.
Here’s my latest parts list. I also reduced the size of the flash here to keep the total below $400 without shipping or tax.
- Jetway NF76-N1GL-LF- $140
- AD3RTLANG – Jetway 3 x Gigabit LAN Daughter board – $48
- picoPSU-150-XT + 102W Adapter Power Kit – $70
- M350 Universal Mini-ITX enclosure – $40
- 4GB 40 pin Embedded Disk Card 4000 – $58
- 2GB DDR2 Memory – $28
Hopefully I’ll know by the end of next week whether or not these parts will all play nice together.