on 12-19-2008 7:49 AM Ray Van Dolson spake the following: > On Fri, Dec 19, 2008 at 03:42:08PM +0000, Karanbir Singh wrote: >> Rainer Duffner wrote: >>>> 1500 clients is quite a lot, but not hard to handle from a single >>>> machine if you select a cpu capable of doing ssl quickly. eg a power6 >>>> machine with a few cores would handle that without any problems. >>> And what is the suggested RRP of such a thing? >>> (If one may ask). >> I am sure if you ask someone who sells them, they will tell you :D >> >>>> If you want to stick with commodity hardware, a couple of quad core >>>> amd's should also fit right in. >>> Or use an SSL-offloader. >>> Then, you can handle the same load with much less CPU-power. >> Can get fiddly, with specific drivers and patches required to various >> bits.. But thats a solution that could work too. >> > > To OP; anecdotal evidence only -- and I certainly wouldn't recommend > using PPTP for a secure VPN solution :) At my previous job we ran > PoPToP (PPTP) on CentOS and the older HP DL140 G1 1U servers and were > handling up to 1000 clients pretty comfortably per machine. This was > with 1GB of RAM per server and a single 2.4GHz Xeon processor. > > Left before we could migrate to OpenVPN which I think would have > slightly higher processing requirements. :) > > Ray If you could use a lower CPU intensive crypt like blowfish, it would be easier. Are all these trading partners in different locations or are there semi large groups in the same locations? Maybe a hundred or so share an office, you could set up IPSec tunnels to each remote office and pass all 100 through that tunnel. It takes a lot less CPU to pass 100 combined then 100 separate connections. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
