[ previous ] [ next ] [ threads ]
 
 From:  "liran tal" <liransgarage at gmail dot com>
 To:  "Jonathan De Graeve" <Jonathan dot DeGraeve at imelda dot be>, m0n0wall at lists dot m0n0 dot ch, "John Gar" <begood at gmail dot com>
 Subject:  Re: [m0n0wall] 50K concurrent users - possible?
 Date:  Mon, 4 Sep 2006 04:49:24 -0400 
I'm thinking the pitfalls are probably:
 * The firewall rules limit that BSD allows (if there is any)
 * If the httpd would be able to handle the load of requests for
authentication and such
 * The through-put of the box. 50k is alot, even if every client is only
receiving 256kbit/512kbit which is a
   minimum speed requirement by end-users these days.

Nice thinking about the OO port Jonathan.

On 9/4/06, Jonathan De Graeve <Jonathan dot DeGraeve at imelda dot be> wrote:
>
> If somebody does the appropriate funding I will be happy to rewrite
> everything to an OO infrastructure which will make threading of the
> captive portal possible. In that case it will certainly be possible to
> handle 50k users (although it will be without mac locking) and I don't
> know the maximum ruleset for a BSD based system. But for the moment, not
> yet... I'm in the way of moving to such an infrastructure.
>
> PS even a Cisco doesn't handle this atm. I know only one system that is
> able of handling 100k users but its not public available yet and it runs
> on linux. It is from a guy who works at my old university (KULeuven) and
> consists of at least 2hardware boxes. (router/login-logout frontend
> server)
>
> Can I ask for which situation you need to handle 50k users?
>
> Kind Regards,
>
> J.
>
> --
> Jonathan De Graeve
> Network/System Engineer
> Imelda vzw
> Informatica Dienst
> +32 15/50.52.98
> jonathan dot de dot graeve at imelda dot be
>
> ---------
> Always read the manual for the correct way to do things because the
> number of incorrect ways to do things is almost infinite
> ---------
>
> > -----Oorspronkelijk bericht-----
> > Van: John Gar [mailto:begood at gmail dot com]
> > Verzonden: maandag 4 september 2006 8:04
> > Aan: m0n0wall at lists dot m0n0 dot ch
> > Onderwerp: [m0n0wall] 50K concurrent users - possible?
> >
> > I need to support session control for 50,000 concurrent users using
> > MAC RADIUS authentication and up/down bandwidth throttling. For the
> > task I have no Dual CPU Dual core XEON 3.0GHZ/4MB (4 way).
> > I don't need any firewall rules, except redirecting users to an
> > activation portal where they can add their MAC address (no
> > user/password login is needed).
> >
> > Can m0n0wall do the job? I read somewhere it can only use one
> CPU/Core.
> >
> > Also I need to add CARP (but not pfsynch). How difficult is that?
> > I looked at pfSense too, but the current version will no do MAC auth,
> > will not process RADIUS bandwidth reply attributes,  and I do need to
> > shape upload too, which  ALTQ wont.
> >
> > /John
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>