0

Looking to create a vpn server where clients can speak to one another. So far so good using OpenVPN. The question I have is how many clients can I have per server? We are looking to have several thousand clients at a time.

What kind of hardware would we be looking at?

Thanks!

JonYork
  • 141
  • 2
  • 7

1 Answers1

0

Encrypting and decrypting will take up CPU. At work here a basic P4 3.0GHz with 2GB RAM handles about 40-50 concurrent connections with very little effort. But no file transfers happen so there is not much bandwidth usage.

You don't provide much detail, but in your situation it would be ideal if you could setup openvpn with a system with decent hardware. You could monitor that system and find out whether it can handle the load or not and upgrade based on it.

From a few other similar questions on SF,

Link 1

Link 2

Community
  • 1
Nel
  • 179
  • 1
  • 11
  • Note that the answer contains a pathetic slow processor. A modern desktop processor will have 8-9 times the power (thanks to multiple cores and being fater item per item) if not more. I would say a six core phenom II possibly has 10-30 times the power of that basic P4. ENough to handle a couple of hundred users. – TomTom Apr 11 '11 at 07:30
  • @TomTom it was just an example for comparision. I mentioned it so that the OP can get an idea. I also mentioned to setup a system with 'decent' hardware to start off with. – Nel Apr 11 '11 at 09:04
  • Oh, it was not meant negative. Pretty often firewalls ARE slow because they dont need more. I jsut wanted to put it in perspective. There should not be a problem running 250-500 connections no one cpu these days. – TomTom Apr 11 '11 at 09:22
  • Thanks a bunch guys, I guess my biggest concern is setting the IP address to support that many clients on the same network right? The machine I will be using for the VPN is a 2x4 core xeon, with 2xgbit lan and 16gb of ram... Any suggestions for the VPN IP Address? – JonYork Apr 11 '11 at 13:14
  • You can use the Class A private address space. It gives you a range of 10.0.0.0 - 10.255.255.255 (10.0.0.0/8), which is plenty of addresses. – Nel Apr 11 '11 at 14:49