You could actually do this a couple of different ways. First, you'd want
to have N openvpn processes, where N is somewhere between 1 and the number
of cores on your system, all listening on different ports. Address
allocation could either be done by having different pools for each process,
or by having (as you indicated earlier) some external method for allocating
static IP's (which would mean the client-connect script would have to push
a route to the static IP into the kernel routing table) You could then
either distribute client configs with "remote-random", or do some
port-based load balancing with iptables or similar. Given that you can get
64-core boxes fairly easily these days, you should be able to scale up
fairly high doing this sort of thing (note that I haven't done this myself,
but you should be able to)
On Mon, Mar 24, 2014 at 4:12 PM, Mike Tancsa <[email protected]> wrote:
> On 3/24/2014 1:28 PM, Jason Frisvold wrote:
>
> > Fortunately, 200 is well above what I need for now. However, I need to
> > think about how this will grow over time, so I'll eventually need to
> > look at possibly load balancing to handle more.
>
> We work around this by having the client connect config randomly choose
> one of 4 instances of openvpn on two different servers. Static IPs are
> not important for the tunnel interface in our environment. You could
> easily add several daemons on one box, all bound to different ports and
> have the clients randomly connect to the different instances.
>
> ---Mike
>
>
> --
> -------------------
> Mike Tancsa, tel +1 519 651 3400
> Sentex Communications, [email protected]
> Providing Internet services since 1994 www.sentex.net
> Cambridge, Ontario Canada http://www.tancsa.com/
>
>
> ------------------------------------------------------------------------------
> Learn Graph Databases - Download FREE O'Reilly Book
> "Graph Databases" is the definitive new guide to graph databases and their
> applications. Written by three acclaimed leaders in the field,
> this first edition is now available. Download your free book today!
> http://p.sf.net/sfu/13534_NeoTech
> _______________________________________________
> Openvpn-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
