I am about to recommend a collection of OpenBSD machines
to serve as VPN (IPSec/isakmpd) gateways for N nodes
on a WAN. In my case N ~ 50 and each node will have a T1/E1 connection
to the Internet. The network will be for all intents and purposes
fully meshed.
Given that there are some scaling problems with this type of
VPN implementation are there any performance issues with
this scale of network? I will be using Intel PIII 800 machines
at each node?
If you have any operational experience with this type of network
please let me know.
In addition, does anyone know what size/model dedicated networking
gear (e.g. Cisco) would be required to handle this number of
VPN connections.
MPLS also is an option, but I'm not sure how mature this
technology is. Furthermore I'm not certain that all N nodes
can get connections to the same MPLS activated ISP.
--
Quist Consulting Email: russ@quist.ca
219 Donlea Drive Voice: +1.416.696.7600
Toronto ON M4G 2N1 Fax: +1.416.978.6620
CANADA WWW: http://www.quist.ca
|