Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
OpenVPN performance
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenVPN performance (Read 3123 times)
bulmaro
Newbie
Posts: 49
Karma: 13
OpenVPN performance
«
on:
October 14, 2020, 12:16:34 am »
OpenVPN performance
Dear, can someone guide me in the configuration of my OpenVPN road warrior server to connect 380 users, it is to replicate database transactions every 5 minutes like 300 lines of records for each user, I need your recommendation to configure the openvpn server , it would support with a single tun ovpns1 the traffic of 380 users or divide the load to another tun ovpns2, ovpns3 ...
What would be the best recommendation and what should I consider to configure my openvpn server.
Thank you for your attention
Logged
Gauss23
Hero Member
Posts: 756
Karma: 38
Re: OpenVPN performance
«
Reply #1 on:
October 14, 2020, 12:31:59 pm »
It´s more a hardware and bandwidth problem. It depends on your CPU (it should support AES-NI) and your choice of encryption algos.
Maybe you can post your hardware specs.
The amount of users should not be a problem for an OpenVPN server. You need to keep in mind to have an IP pool which fits your needs. A /24 network is too small. At least a /23 net is needed.
Logged
„The S in IoT stands for Security!“
bulmaro
Newbie
Posts: 49
Karma: 13
Re: OpenVPN performance
«
Reply #2 on:
October 14, 2020, 06:18:12 pm »
I thank you very much, for your prompt response Gauss23, it would be about the AWS platform instance of the t4g.large team, vCPUs 2, Memory 8 GiB, Network performance Up to 5 Gigabit.
would it be with a single WAN interface?
Logged
Gauss23
Hero Member
Posts: 756
Karma: 38
Re: OpenVPN performance
«
Reply #3 on:
October 14, 2020, 06:29:21 pm »
Looks like the ARM based Graviton2 processors used in t4g instances don't support AES-NI which could be a huge performance drawback.
And 2 CPUs for 380 VPN connections seem to be a bit small dimensioned.
Logged
„The S in IoT stands for Security!“
bulmaro
Newbie
Posts: 49
Karma: 13
Re: OpenVPN performance
«
Reply #4 on:
October 14, 2020, 06:44:37 pm »
it would be the Amazon EC2 X1 instance
which instance do you recommend?
Logged
Gauss23
Hero Member
Posts: 756
Karma: 38
Re: OpenVPN performance
«
Reply #5 on:
October 14, 2020, 07:41:02 pm »
X1 is really expensive. Are you sure?
I think I would try t3.xlarge (Intel Xeon) or t3a.xlarge (AMD EPYC). Both of them have 4 cores/threads and 16GB RAM.
But let's see if someone else has another idea about that.
Logged
„The S in IoT stands for Security!“
bulmaro
Newbie
Posts: 49
Karma: 13
Re: OpenVPN performance
«
Reply #6 on:
October 14, 2020, 09:02:47 pm »
I think your recommendation to start and observe the performance is good, hopefully if someone else has another recommendation
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
OpenVPN performance