on 12-19-2008 7:49 AM Ray Van Dolson spake the following:
On Fri, Dec 19, 2008 at 03:42:08PM +0000, Karanbir Singh wrote:
Rainer Duffner wrote:
1500 clients is quite a lot, but not hard to handle from a single machine if you select a cpu capable of doing ssl quickly. eg a power6 machine with a few cores would handle that without any problems.
And what is the suggested RRP of such a thing? (If one may ask).
I am sure if you ask someone who sells them, they will tell you :D
If you want to stick with commodity hardware, a couple of quad core amd's should also fit right in.
Or use an SSL-offloader. Then, you can handle the same load with much less CPU-power.
Can get fiddly, with specific drivers and patches required to various bits.. But thats a solution that could work too.
To OP; anecdotal evidence only -- and I certainly wouldn't recommend using PPTP for a secure VPN solution :) At my previous job we ran PoPToP (PPTP) on CentOS and the older HP DL140 G1 1U servers and were handling up to 1000 clients pretty comfortably per machine. This was with 1GB of RAM per server and a single 2.4GHz Xeon processor.
Left before we could migrate to OpenVPN which I think would have slightly higher processing requirements. :)
Ray
If you could use a lower CPU intensive crypt like blowfish, it would be easier.
Are all these trading partners in different locations or are there semi large groups in the same locations? Maybe a hundred or so share an office, you could set up IPSec tunnels to each remote office and pass all 100 through that tunnel. It takes a lot less CPU to pass 100 combined then 100 separate connections.