[strongSwan] Question regarding site-to-site multiple tunnel setup.
Eric Germann
ekgermann at semperen.com
Mon Jan 16 21:43:25 CET 2017
You could get creative with subnet masks in left/right subnet and group them and send 64 towards one, 64 towards the second, using their route tables on the 200 machines.
EKG
> On Jan 16, 2017, at 3:29 PM, Scott Walker <scott.walker at framestore.com> wrote:
>
> Fast.... I know not a wonderful answer.
>
> The more throughput we can get the better. Right now I am pushing 440-470 Mbit/s thru 1 tunnel. Ideally I'd like to get 3-4 tunnels up.
>
> The other end of the tunnel is going to ~200 compute nodes pulling/pushing data.
>
> I'm just not sure on the specifics of multiple tunnels ummm bonded? (do you even bond them?)
>
> On 11 January 2017 at 20:55, Eric Germann <ekgermann at semperen.com <mailto:ekgermann at semperen.com>> wrote:
> What kind of throughput are you looking for?
>
> AES-GCM with HW that supports AESNI, we routinely get 300+Mbps
>
> EKG
>
> > On Jan 11, 2017, at 4:48 PM, Scott Walker <scott.walker at framestore.com <mailto:scott.walker at framestore.com>> wrote:
> >
> > I'm looking to build an infra that is
> >
> >
> > local site -> remote site
> >
> > But using multiple tunnels in order to get the B/W I need. (plenty of servers at the remote end talking back so I want to be sure it's not all rammed down one tunnel).
> >
> > Most of the docs I'm finding revolve around this type of config but for VPC (AWS, GCE, etc).
> >
> > I do admit I'm a bit lost right now as to how I go about this approach.
> >
> > So if I have say 3-4 servers on local site and 3-4 servers on remote dedicated as VPN end points.
> >
> > Would I configure a 1-1 ratio? Create a mesh? How on local would I do routing? I'm not looking for HA this is for PURE speed reasons.
> >
> > I'm reading everything I can find but I'm still in the dark.
> > _______________________________________________
> > Users mailing list
> > Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
> > https://lists.strongswan.org/mailman/listinfo/users <https://lists.strongswan.org/mailman/listinfo/users>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170116/045b7352/attachment-0001.html>
More information about the Users
mailing list