CPU Extensions & Technologies (Instruction Sets) : AES-NI, AVX-512, etc.

Started by carly, September 29, 2025, 04:25:03 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 29, 2025, 04:25:03 PM
Please forgive my poor websearching abilities.  Is there any benefit to having AVX-512 in the context of OPNsense?  Did I get that mixed up with AES-NI?
Today at 05:29:42 AM #1
To the first question: Possibly, but if you are, for instance, bench racing Arrow Lake vs. Zen 5, for roughly cost-equivalent parts you probably wouldn't experience a meaningful difference. Unless you find a piece of software that heavily utilizes AVX512 specifically, in which case it can make a significant difference. I could see using vector instructions for bulk data processing, e.g. an IPS, but it's not something I use.

As to the second, AES-NI is an SSE-era vector extension, so it's in the ballpark. It's been around for a while, with 128b and 256b implementations (no 512b that I've seen) and one or two available execution units (per core), depending on the processor. I have no idea how the FreeBSD kernel driver implements it. One of these days I'll get around to testing it. For the heck of it, as I don't use VPNs either.

Why do you ask?
Today at 04:13:02 PM #2
Quote from: pfry on Today at 05:29:42 AMWhy do you ask?
I was just wondering if there were any functions that OPNsense used that benefited from AVX-512?  I remember that AES-NI is used, but I could not remember the other.
Today at 04:56:59 PM #3
Quote from: carly on Today at 04:13:02 PMI was just wondering if there were any functions that OPNsense used that benefited from AVX-512?  I remember that AES-NI is used, but I could not remember the other.

Ya got me. I wouldn't consider AVX512 as a significant input into a purchasing decision for hardware to run OPNsense. It would generally vanish beneath cost, power, I/O options, noise, size, etc. But your choices may differ.
Print
Go Up Pages1
User actions