Re: regarding vpn server for 1500 clients

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Ray Van Dolson wrote:
> On Fri, Dec 19, 2008 at 01:14:34PM -0500, Ross Walker wrote:
>   
>> On Dec 19, 2008, at 12:20 PM, Ray Van Dolson <rayvd@xxxxxxxxxxxx> wrote:
>>
>>     
>>> How about lots of GRE tunnels? :-)
>>>       
>> Well PPTP is PPP over GRE, so that's basically it.
>>
>> PPTP can run without encryption too if the OP really doesn't care  
>> about encryption.
>>
>>     
>
> The only thing I'll say in the world of using PPTP (via PoPToP) is to
> consider what happens when most or all of your clients reconnect at one
> time (network glitch, etc).  This was my biggest challenge as the
> original configuration had PPP calling all sorts of perl scripts and
> such from its ip-up mechanism.  The server would come to a complete
> crawl as 800+ of these ip-up scripts would fire off along with their
> associated tasks.  This would result in clients timing out, links
> failing, etc -- the server could never "catch up". 
>   

I was recommending it based on the protocol. I did mention that I have 
limited deployment experience.

OUCH. All that perl could really kill the user experience.....

Almost as bad as a D-H exponentiation!


> The band-aid solution was to rate limit SYN packets that established
> the connection... the permanent solution was to write a plugin for PPPd
> in C that replaced most of the ip-up functionality with something a bit
> more efficient.
>
> As long as you're not needing to do any sort of complex post login
> tasks for each user, this may not even end up being an issue.  But
> something to keep in mind and plan for if you're talking 1500 users...
> :)
>
> Ray
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>   
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux