Ray Van Dolson wrote: > On Fri, Dec 19, 2008 at 01:14:34PM -0500, Ross Walker wrote: > >> On Dec 19, 2008, at 12:20 PM, Ray Van Dolson <rayvd at bludgeon.org> wrote: >> >> >>> How about lots of GRE tunnels? :-) >>> >> Well PPTP is PPP over GRE, so that's basically it. >> >> PPTP can run without encryption too if the OP really doesn't care >> about encryption. >> >> > > The only thing I'll say in the world of using PPTP (via PoPToP) is to > consider what happens when most or all of your clients reconnect at one > time (network glitch, etc). This was my biggest challenge as the > original configuration had PPP calling all sorts of perl scripts and > such from its ip-up mechanism. The server would come to a complete > crawl as 800+ of these ip-up scripts would fire off along with their > associated tasks. This would result in clients timing out, links > failing, etc -- the server could never "catch up". > I was recommending it based on the protocol. I did mention that I have limited deployment experience. OUCH. All that perl could really kill the user experience..... Almost as bad as a D-H exponentiation! > The band-aid solution was to rate limit SYN packets that established > the connection... the permanent solution was to write a plugin for PPPd > in C that replaced most of the ip-up functionality with something a bit > more efficient. > > As long as you're not needing to do any sort of complex post login > tasks for each user, this may not even end up being an issue. But > something to keep in mind and plan for if you're talking 1500 users... > :) > > Ray > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > >