Text only | Text with Images

OPNsense Forum

English Forums => 24.7, 24.10 Legacy Series => Topic started by: bimbar on November 06, 2024, 06:52:25 PM

Title: Is there a practical limitation on the number of ipsec tunnels?
Post by: bimbar on November 06, 2024, 06:52:25 PM
What the subject says, does an excessive number of ipsec tunnels slow down the firewall, does it lead to memory problems or something similar?
What would the recommended maximum number of ipsec tunnels be?
Title: Re: Is there a practical limitation on the number of ipsec tunnels?
Post by: Monviech (Cedrik) on November 06, 2024, 07:14:18 PM
I guess it depends on the hardware since it uses resources. So the better hardware the higher the number of possible tunnels.

https://wiki.strongswan.org/issues/2911
Title: Re: Is there a practical limitation on the number of ipsec tunnels?
Post by: franco on November 06, 2024, 07:46:31 PM
From experience three digit situations should be more than workable. In practice... it depends like Cedrik mentions.


Cheers,
Franco
Title: Re: Is there a practical limitation on the number of ipsec tunnels?
Post by: bimbar on November 06, 2024, 10:20:34 PM
The customer has 60 IPSec tunnels and reports that performance gets worse over time and recovers after a reboot.
Title: Re: Is there a practical limitation on the number of ipsec tunnels?
Post by: franco on November 07, 2024, 08:07:51 AM
Which version? How much IPsec traffic on average?


Cheers,
Franco
Text only | Text with Images