Robert Moskowitz wrote: > Ray Van Dolson wrote: > >> On Fri, Dec 19, 2008 at 03:42:08PM +0000, Karanbir Singh wrote: >> >> >>> Rainer Duffner wrote: >>> >>> >>>>> 1500 clients is quite a lot, but not hard to handle from a single >>>>> machine if you select a cpu capable of doing ssl quickly. eg a power6 >>>>> machine with a few cores would handle that without any problems. >>>>> >>>>> >>>> And what is the suggested RRP of such a thing? >>>> (If one may ask). >>>> >>>> >>> I am sure if you ask someone who sells them, they will tell you :D >>> >>> >>> >>>>> If you want to stick with commodity hardware, a couple of quad core >>>>> amd's should also fit right in. >>>>> >>>>> >>>> Or use an SSL-offloader. >>>> Then, you can handle the same load with much less CPU-power. >>>> >>>> >>> Can get fiddly, with specific drivers and patches required to various >>> bits.. But thats a solution that could work too. >>> >>> >>> >> To OP; anecdotal evidence only -- and I certainly wouldn't recommend >> using PPTP for a secure VPN solution :) >> > > The OP did not want security, only tunneling. His desire. Definitely not > mine. My work for the last 14 years has been to make communication on > the Internet unassailable, at least along the data path (I make no > attempts with the OS or apps). > > I would like to see ALL communications be encrypted. D*MN the torpedos! > > >> At my previous job we ran >> PoPToP (PPTP) on CentOS and the older HP DL140 G1 1U servers and were >> handling up to 1000 clients pretty comfortably per machine. This was >> with 1GB of RAM per server and a single 2.4GHz Xeon processor. >> >> > > I have heard of similar numbers. > > >> Left before we could migrate to OpenVPN which I think would have >> slightly higher processing requirements. :) >> > > Sure would have! > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > > openvpn doesn't hit a modern cpu that hard anymore(unless you dialup something higher than 128 bit). I routinely do 5-10 users an sub 1ghz machines with openvpn. Leave the encryption in place..it's not going to make a huge difference.