[CentOS] regarding vpn server for 1500 clients

Scott Silva ssilva at sgvwater.com
Fri Dec 19 18:26:57 UTC 2008


on 12-19-2008 7:49 AM Ray Van Dolson spake the following:
> On Fri, Dec 19, 2008 at 03:42:08PM +0000, Karanbir Singh wrote:
>> Rainer Duffner wrote:
>>>> 1500 clients is quite a lot, but not hard to handle from a single 
>>>> machine if you select a cpu capable of doing ssl quickly. eg a power6 
>>>> machine with a few cores would handle that without any problems.
>>> And what is the suggested RRP of such a thing?
>>> (If one may ask).
>> I am sure if you ask someone who sells them, they will tell you :D
>>
>>>> If you want to stick with commodity hardware, a couple of quad core 
>>>> amd's should also fit right in.
>>> Or use an SSL-offloader.
>>> Then, you can handle the same load with much less CPU-power.
>> Can get fiddly, with specific drivers and patches required to various 
>> bits.. But thats a solution that could work too.
>>
> 
> To OP; anecdotal evidence only -- and I certainly wouldn't recommend
> using PPTP for a secure VPN solution :)  At my previous job we ran
> PoPToP (PPTP) on CentOS and the older HP DL140 G1 1U servers and were
> handling up to 1000 clients pretty comfortably per machine.  This was
> with 1GB of RAM per server and a single 2.4GHz Xeon processor.
> 
> Left before we could migrate to OpenVPN which I think would have
> slightly higher processing requirements. :)
> 
> Ray
If you could use a lower CPU intensive crypt like blowfish, it would be easier.

Are all these trading partners in different locations or are there semi large
groups in the same locations?
Maybe a hundred or so share an office, you could set up IPSec tunnels to each
remote office and pass all 100 through that tunnel. It takes a lot less CPU to
pass 100 combined then 100 separate connections.



-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://lists.centos.org/pipermail/centos/attachments/20081219/de7fd612/attachment.bin 


More information about the CentOS mailing list