SoftEther VPN User Forum

If I use the Virtual 3-Layer Switch as a router, I have to add hundreds of or thousands of routing entries to it. As there're so many routing entries, I'm concerned about its working efficiency.

So I'm wondering how many routing entrys that I can add to the Virtual 3-Layer Switch, without reduing the efficiency?

I have no idea on that. However, your network seems to be very large. I think you should consider using dynamic routing instead. Use tap device and do routing with your OS.

kh_tsang wrote:
> I have no idea on that. However, your network seems to be very large. I
> think you should consider using dynamic routing instead. Use tap device and
> do routing with your OS.

No, in fact, my network is quite small. I just want to distinguish the traffic to foreign countries.

Are you doing multi-homing/load balancing? It seems there is no need to separate the traffic if you only have one WAN or you are not doing QoS.

It depends on what your router is, specifications, OS, etc.

Having thousands of static routing entries is very inefficient and I would highly recommend you to run an IGP instead - OSPF, RIP2, etc.

>I just want to distinguish the traffic to foreign countries.

Use GeoIP locationing.

Your setup sounds like you want to setup an Anycast network?

GIANT_CRAB wrote:
> It depends on what your router is, specifications, OS, etc.
>
> Having thousands of static routing entries is very inefficient and I would highly
> recommend you to run an IGP instead - OSPF, RIP2, etc.
>
> >I just want to distinguish the traffic to foreign countries.
>
> Use GeoIP locationing.
>
> Your setup sounds like you want to setup an Anycast network?

No...... I'm in China.

I have a VPS in China and one in the US. Both have installed the SoftEther VPN , and they're connected. The domestic one runs as an access point, and be used as an virtual 3-Layer switch. When I visit domestic website, the domestic VPS will directly transfer the traffic by local 'Secure NAT'. However, when I visit an foreign one, the domestic VPS will forward the traffic to the VPS in US, through SoftEther's VPN tunnel. To specify the traffic to domestic and foreign, I've to add many routing entries to the 3-Layer switch.

So, there is the question above.

kh_tsang wrote:
> Are you doing multi-homing/load balancing? It seems there is no need to
> separate the traffic if you only have one WAN or you are not doing QoS.

No.

I have a VPS in China and one in the US. Both have installed the SoftEther VPN , and they're connected. The domestic one runs as an access point, and be used as an virtual 3-Layer switch. When I visit domestic website, the domestic VPS will directly transfer the traffic by local 'Secure NAT'. However, when I visit an foreign one, the domestic VPS will forward the traffic to the VPS in US, through SoftEther's VPN tunnel. To specify the traffic to domestic and foreign, I've to add many routing entries to the 3-Layer switch.

So, there is the question above.

You still need GeoIP location or else manually setting those routing entries is going to be highly inefficient. Another alternative would be to run BGP.

I would consider this an anycast network already but it is more towards latency-based routing.

SoftEther VPN supports 4096 table entries.


https://github.com/SoftEtherVPN/SoftEth ... ar/Cedar.h
#define MAX_NUM_L3_TABLE 4096