OPNsense Forum
Archive => 20.7 Legacy Series => Topic started by: bulmaro on October 14, 2020, 12:16:34 am
-
OpenVPN performance
Dear, can someone guide me in the configuration of my OpenVPN road warrior server to connect 380 users, it is to replicate database transactions every 5 minutes like 300 lines of records for each user, I need your recommendation to configure the openvpn server , it would support with a single tun ovpns1 the traffic of 380 users or divide the load to another tun ovpns2, ovpns3 ...
What would be the best recommendation and what should I consider to configure my openvpn server.
Thank you for your attention
-
It´s more a hardware and bandwidth problem. It depends on your CPU (it should support AES-NI) and your choice of encryption algos.
Maybe you can post your hardware specs.
The amount of users should not be a problem for an OpenVPN server. You need to keep in mind to have an IP pool which fits your needs. A /24 network is too small. At least a /23 net is needed.
-
I thank you very much, for your prompt response Gauss23, it would be about the AWS platform instance of the t4g.large team, vCPUs 2, Memory 8 GiB, Network performance Up to 5 Gigabit.
would it be with a single WAN interface?
-
Looks like the ARM based Graviton2 processors used in t4g instances don't support AES-NI which could be a huge performance drawback.
And 2 CPUs for 380 VPN connections seem to be a bit small dimensioned.
-
it would be the Amazon EC2 X1 instance
which instance do you recommend?
-
X1 is really expensive. Are you sure?
I think I would try t3.xlarge (Intel Xeon) or t3a.xlarge (AMD EPYC). Both of them have 4 cores/threads and 16GB RAM.
But let's see if someone else has another idea about that.
-
I think your recommendation to start and observe the performance is good, hopefully if someone else has another recommendation