Stunnel vs OpenVPN (OpenVPN MAX concurrent sessions)
Posted: Tue Mar 15, 2011 4:34 pm
Hi
I hope it's ok to post an architecture question here?
Whilst searching this site I learned that OpenVPN (server side) doesn't like more then 1024 concurrent sessions.
Although I thought it was odd, I moved my design to "stunnel" which appeared "lighter" in the hope my server could
sustain around 3K concurrent connections at peak.
The clients are remote embedded Linux/GSM platforms. They establish a "ppp0" session to the mobile network provider and I would
like to establish a VPN over the "ppp0" between the remote client and my server. The session is not permanent and is only established
when the client wants to send something....typically every 30seconds
1. Firstly....am I correct in believing OpenVPN doesn't like > 1024 connections?
2. Are there any switches that support OpenVPN that could handle > 1024 concurrent connections?
3. Is stunnel really "lighter"....would I not be better off deploying OpenVPN and then deploy a switch when I approach 1000 clients
(This is assuming there are switches that I could off load the OpenVPN session to)?
Any tips and pointers would be greatly appreciated!!!
Thanks
Bruce
I hope it's ok to post an architecture question here?
Whilst searching this site I learned that OpenVPN (server side) doesn't like more then 1024 concurrent sessions.
Although I thought it was odd, I moved my design to "stunnel" which appeared "lighter" in the hope my server could
sustain around 3K concurrent connections at peak.
The clients are remote embedded Linux/GSM platforms. They establish a "ppp0" session to the mobile network provider and I would
like to establish a VPN over the "ppp0" between the remote client and my server. The session is not permanent and is only established
when the client wants to send something....typically every 30seconds
1. Firstly....am I correct in believing OpenVPN doesn't like > 1024 connections?
2. Are there any switches that support OpenVPN that could handle > 1024 concurrent connections?
3. Is stunnel really "lighter"....would I not be better off deploying OpenVPN and then deploy a switch when I approach 1000 clients
(This is assuming there are switches that I could off load the OpenVPN session to)?
Any tips and pointers would be greatly appreciated!!!
Thanks
Bruce