[ previous ] [ next ] [ threads ]
 
 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] simultaneous 1000 VPN access
 Date:  Fri, 24 Feb 2006 09:44:46 -0600
Lee Sharp wrote:
> From: "brandon" <bstone108 at comcast dot net>
>> Shafiul Alam wrote:
> 
>>> I've just start playing with the m0n0wall and stuck with a query -
>>> Does m0n0wall support simultaneous 1000 VPN access ? or Can I have
>>> that capability with mon0wall (whatver hardware require) ?
> 
>> I believe to handle that many clients you would need a good machine,
>> prefer a hardware crypto card, add lots of ram and a modified
>> m0n0wall image to make use of the extra ram.   that's about it from
>> my knowledge.    I think it would work though, but you would need a
>> good machine. 
> 
>> actualy I don't know if m0n0wall has done vpn on that large of scale
>> before,  if it has I'm curious of the results :P
> 
> This started me thinking.  First, how fast a connection and which VPN?
> Assuming PPtP, you would need to modify the code to open up more than
> the 16 connections.  This would take quite a bit of memory.  Also, a
> LOT of IP addresses.  You will also have some considerable load.  You
> would need a custom image to take advantage of duel core CPUs, or
> multi cpu boxes.  A crypto card would help, but I don't think it
> would be enough. 

I don't think 1000 PPTP VPN connections is feasible. It may be possible
with IPSEC VPN connections. This would configuration would be helped by
a crypto card and a fairly powerful box. I agree with Brandon's
summation of a custom image for extra ram.

_________________________________
James W. McKeand