Hardware requirements and solution limitation?
Posted: Fri Oct 20, 2017 10:30 am
Hi,
For a few months now, I have run two older desktop pc's running a "proof of concept" setup with SoftEther VPN. The VPN-use here is quite demanding, with multicast RTP-traffic and UDP VOD (RTSP). The use case here is providing a multicast access to TV STBs for development purposes.
Each client-connection here can "eat" 40 Mbps+ og real time traffic - some packetloss I can live with. The setup I have here is a L2 bridge and encryption disabled.
Q1: Is there a static limitation on the bandwidth that can go over the bridge (or a hub)? From when I read the documentation earlier, I seem to remember that 100 Mbps was mentioned, but I could not find this information now. Or was this 100 Mbps limit maybe a limit for the virtual adapter under Windows-enviroment? (I'm normally running a setup with Softether VPN Server also on the server, but also tested a couple of setups with bridge-setup in Windows, which in some cases work, and in some cases dosn't).
Q2: Based on a scenario with e.g. in total of 400 Mbps going through here in totalt on e.g. 10 connections (and no encryption other than on the login to the VPN), any ideas on what hardware requirements would be? Based on 1-2 connection on the Core i7-2600 pc I used for my test, the load on the system don't seem that high. I have been thinking about getting a HP Proliant Micro Server Gen10 with 4-core Opteron and 16 GB of RAM. Price on this is quite good.
Q3: Best practices. For the setup I have now, I have used dedicated eth-port (using a 4-port Intel 82580) for the source of the VPN and dedicated NIC-port for the user connections to the VPN. Both are connected to the same switch/router/network connection.
Q4: In the logs I see a lot of these in the log: "2017-10-20 00:00:42.385 [HUB "XXXXX"] Session "SID-XXXXXX-29": A large volume of broadcast packets has been detected. There are cases where packets are discarded based on the policy. The source MAC address is XX-XX-XX-83-54-1C, the source IP address is 192.168.1.51, the destination IP address is 239.255.255.250. The number of broadcast packets is equal to or larger than 36 items per 1 second (note this information is the result of mechanical analysis of part of the packets and could be incorrect).". Question then, does SoftEther VPN look at multicast as broadcast?
For a few months now, I have run two older desktop pc's running a "proof of concept" setup with SoftEther VPN. The VPN-use here is quite demanding, with multicast RTP-traffic and UDP VOD (RTSP). The use case here is providing a multicast access to TV STBs for development purposes.
Each client-connection here can "eat" 40 Mbps+ og real time traffic - some packetloss I can live with. The setup I have here is a L2 bridge and encryption disabled.
Q1: Is there a static limitation on the bandwidth that can go over the bridge (or a hub)? From when I read the documentation earlier, I seem to remember that 100 Mbps was mentioned, but I could not find this information now. Or was this 100 Mbps limit maybe a limit for the virtual adapter under Windows-enviroment? (I'm normally running a setup with Softether VPN Server also on the server, but also tested a couple of setups with bridge-setup in Windows, which in some cases work, and in some cases dosn't).
Q2: Based on a scenario with e.g. in total of 400 Mbps going through here in totalt on e.g. 10 connections (and no encryption other than on the login to the VPN), any ideas on what hardware requirements would be? Based on 1-2 connection on the Core i7-2600 pc I used for my test, the load on the system don't seem that high. I have been thinking about getting a HP Proliant Micro Server Gen10 with 4-core Opteron and 16 GB of RAM. Price on this is quite good.
Q3: Best practices. For the setup I have now, I have used dedicated eth-port (using a 4-port Intel 82580) for the source of the VPN and dedicated NIC-port for the user connections to the VPN. Both are connected to the same switch/router/network connection.
Q4: In the logs I see a lot of these in the log: "2017-10-20 00:00:42.385 [HUB "XXXXX"] Session "SID-XXXXXX-29": A large volume of broadcast packets has been detected. There are cases where packets are discarded based on the policy. The source MAC address is XX-XX-XX-83-54-1C, the source IP address is 192.168.1.51, the destination IP address is 239.255.255.250. The number of broadcast packets is equal to or larger than 36 items per 1 second (note this information is the result of mechanical analysis of part of the packets and could be incorrect).". Question then, does SoftEther VPN look at multicast as broadcast?