[nycbug-talk] Soekris OpenVPN and Firewall

Michael Hanulec hanulec
Thu Jun 2 10:15:16 EDT 2005


While I haven't used OpenVPN yet I would recommend looking at either the 
Soekris 4801 or the PC Engine Wrap 1 series as they have 266MHz 
processors.  There is a review of the PC Engine unit here:


W/in the review a problem was showing in how FreeBSD was handling the 
network ports on the Soekris box.

I'm currently working with the PC Engine units and OpenBSD to make some 1U 
firewall solutions.


hanulec at hanulec.com		cell: 858.518.2647 && 516.410.4478
http://www.hanulec.com                EFnet irc && aol im: hanulec

On Wed, 1 Jun 2005, George Georgalis wrote:

> I'm planning my first Soekris deployment and was wondering how some
> software fails when overloaded.  In both cases I'm planning to use
> OpenBSD (or DFly) on a net4501 with a cflash card.
> The first unit will only run pf rules with OpenVPN. I assume there is no
> realistic limit to of the number of simultaneous (ie at least 1000s) VPN
> connections, but a limit to the amount of total VPN throughput. What is
> the upper limit and what happens as it is approached? Do people use some
> pf rules to gracefully hit that upper limit?
> The second unit will be for standard firewalling. I'm sure the available
> bandwidth is quite high.
> (There is no carp plans at the moment). Both units will do remote logging.
> Is a 256Mb cflash a good size? Or should I consider 128, 512, 1G?
> // George
> -- 
> George Georgalis, systems architect, administrator Linux BSD IXOYE
> http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month

More information about the talk mailing list