[strongSwan] strongswan performances for IKEv2 tunnels
Stefano Sasso
stesasso at gmail.com
Tue Jul 2 12:24:41 CEST 2013
Hi all,
I have been asked to deploy a big ipsec terminator.
Since now, I only configured strongswan with tens of tunnels, but they
asked me to deploy a box that can handle 500 tunnels (up to 1000 in the
future).
The configuration will be IKEv2 with virtual ip addresses, PKI
(certificate based authentication). For now, there will be no matter on
ip address assignment, but in the future there can be a possibility to
have ip addresses associated to certificate CN.
The traffic will be max 10Mbps (but 2 Mbps average, or less) per single
client.
What do you think is the best in choice of CPU and RAM requirements?
For the moment I can use a box with 24GB of ram and 2 x intel xeon E5-2420
(
6 cores,
12 threads
1,9 Ghz speed (turbo 2.4 GHz)
AES-NI support
)
thanks a lot
stefano
--
Stefano Sasso
http://stefano.dscnet.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130702/1cf28519/attachment.html>
More information about the Users
mailing list