So maybe what's really needed is less having multi-threading support within
a single openvpn process, but more adding some functionality that makes it
easier to get to the desired end-state, like extending the ip persistence
from a flat file to perhaps a database connection, and have a way to define
ip pools within that same mechanism. That would allow not only multiple
processes to operate off the same pool, but multiple processes across
multiple physical endpoints. Then all you'd need is a way to handle
routing the correct IP to the correct process, and I would humbly suggest
that adding support for some sort of routing protocol within openvpn
(probably rip or ospf) would be an *excellent* way of solving this problem.
Granted, this solution won't be for everyone, but for some of us it would
be ideal.
*that's* a crowdfunding campaign I'd throw some cash at.
-Joe
On Tue, Aug 5, 2014 at 1:27 AM, Gert Doering <g...@greenie.muc.de> wrote:
> Hi,
>
> On Tue, Aug 05, 2014 at 12:00:53PM +1200, Jason Haar wrote:
> > On 05/08/14 08:36, Gert Doering wrote:
> > > "Nobody did the code yet".
> > >
> > > This is a complex problem. You need a programmer that understands
> > > parallel processes or threads, network, security, and is willing to
> > > spend quite a bit of personal time on it - implementation, code review,
> > > testing.
> > I think it can be hacked into place (with the right choice of OS of
> course)
> >
> > I've effectively "multi-processor"-ed openvpn by running multiple copies
> > on different ports, and then using iptables to round-robin new
> > connections onto those backend services.
>
> Yes, this can be done (and this is what OpenVPN AS does "under the hood",
> with slightly more magic regarding the distribution of incoming
> connections).
>
> It will scale better than just one OpenVPN process, but is still not ideal
> from a load distribution perspective, and - as you point out - needs help
> from a client-connect script to get IP address assignment right.
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
> //
> www.muc.de/~gert/
> Gert Doering - Munich, Germany
> g...@greenie.muc.de
> fax: +49-89-35655025
> g...@net.informatik.tu-muenchen.de
>
>
> ------------------------------------------------------------------------------
> Infragistics Professional
> Build stunning WinForms apps today!
> Reboot your WinForms applications with our WinForms controls.
> Build a bridge from your legacy apps to the future.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
>
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
