[nycbug-talk] Soekris OpenVPN and Firewall
Michael Hanulec
hanulec
Thu Jun 2 10:15:16 EDT 2005
George..
While I haven't used OpenVPN yet I would recommend looking at either the
Soekris 4801 or the PC Engine Wrap 1 series as they have 266MHz
processors. There is a review of the PC Engine unit here:
http://www.tomsnetworking.com/Reviews-169-ProdID-WRAP1D2.php
W/in the review a problem was showing in how FreeBSD was handling the
network ports on the Soekris box.
I'm currently working with the PC Engine units and OpenBSD to make some 1U
firewall solutions.
-Mike
--
hanulec at hanulec.com cell: 858.518.2647 && 516.410.4478
http://www.hanulec.com EFnet irc && aol im: hanulec
On Wed, 1 Jun 2005, George Georgalis wrote:
> I'm planning my first Soekris deployment and was wondering how some
> software fails when overloaded. In both cases I'm planning to use
> OpenBSD (or DFly) on a net4501 with a cflash card.
>
> The first unit will only run pf rules with OpenVPN. I assume there is no
> realistic limit to of the number of simultaneous (ie at least 1000s) VPN
> connections, but a limit to the amount of total VPN throughput. What is
> the upper limit and what happens as it is approached? Do people use some
> pf rules to gracefully hit that upper limit?
>
> The second unit will be for standard firewalling. I'm sure the available
> bandwidth is quite high.
>
> (There is no carp plans at the moment). Both units will do remote logging.
> Is a 256Mb cflash a good size? Or should I consider 128, 512, 1G?
>
> // George
>
>
> --
> George Georgalis, systems architect, administrator Linux BSD IXOYE
> http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>
>
>
More information about the talk
mailing list