Well, of course we want to have encryption.
But what I was wondering about is what type of encryption algorithm (e.g. DES, AES, etc) that would be most efficient in terms of hardware acceleration in order to get the highest possible speed without to much load on the main processor on a RB3100 connected to a CCR1009.
According to the Qualcomm specs, the IPQ8064 has support for IPSec hardware encryption but I can't find any info regarding the RB3011 on the product pages or wiki...
That's easier then. Use AES over DES. 3DES is notoriously slow in software, and it's unlikely to be optimized in hardware.
As far as 3011 support, it does not seem to be in the firmware suite yet, despite being a capability on the chip:http://wiki.mikrotik.com/wiki/Manual:IP ... encryption
According to that link above, only the following have encryption hardware offload capabilities, and then only for AES:
hEX v3 (RB750Gr3 model only)
All Cloud Coure Router series devices
RB850Gx2 (only starting 2016, serial numbers that begin with number 5)