[CentOS] regarding vpn server for 1500 clients

Fri Dec 19 16:17:22 UTC 2008
Robert Moskowitz <rgm at htt-consult.com>

Ray Van Dolson wrote:
> On Fri, Dec 19, 2008 at 03:42:08PM +0000, Karanbir Singh wrote:
>   
>> Rainer Duffner wrote:
>>     
>>>> 1500 clients is quite a lot, but not hard to handle from a single 
>>>> machine if you select a cpu capable of doing ssl quickly. eg a power6 
>>>> machine with a few cores would handle that without any problems.
>>>>         
>>> And what is the suggested RRP of such a thing?
>>> (If one may ask).
>>>       
>> I am sure if you ask someone who sells them, they will tell you :D
>>
>>     
>>>> If you want to stick with commodity hardware, a couple of quad core 
>>>> amd's should also fit right in.
>>>>         
>>> Or use an SSL-offloader.
>>> Then, you can handle the same load with much less CPU-power.
>>>       
>> Can get fiddly, with specific drivers and patches required to various 
>> bits.. But thats a solution that could work too.
>>
>>     
>
> To OP; anecdotal evidence only -- and I certainly wouldn't recommend
> using PPTP for a secure VPN solution :)  

The OP did not want security, only tunneling. His desire. Definitely not 
mine. My work for the last 14 years has been to make communication on 
the Internet unassailable, at least along the data path (I make no 
attempts with the OS or apps).

I would like to see ALL communications be encrypted. D*MN the torpedos!

> At my previous job we ran
> PoPToP (PPTP) on CentOS and the older HP DL140 G1 1U servers and were
> handling up to 1000 clients pretty comfortably per machine.  This was
> with 1GB of RAM per server and a single 2.4GHz Xeon processor.
>   

I have heard of similar numbers.

> Left before we could migrate to OpenVPN which I think would have
> slightly higher processing requirements. :)

Sure would have!