[wellylug] Linux VPN Router Hardware
Pete Black
pete at marchingcubes.com
Wed Aug 3 08:43:08 NZST 2005
it depends what you mean by 'inexpensive'.
I have had good experiences with IBM x-series 1U rack servers, but if
you want something cheaper than that, then I would say get a bunch of
second hand desktop PCs and kit them out with an extra NIC. I have had
good experiences with compaq deskpros, which can be had cheaply
ex-government departments from a variety of second-hand resellers.
No x86 machine will give you particularly good power consumption in
absolute terms, but the alternative is embedded systems which usually
have lower performance and are less straightforward to set up and run
with. Relatively speaking, power consumption shouldnt be a major
problem as long as you arent running an overclocked P4 with a l33t
gaming video card and 12 hard disks.
You dont need a lot of CPU power to route packets and run a small
number (less than, say, 5) VPN tunnels - even a P2-300 would do this -
but if you are looking to support large numbers of users, then it would
be wise to get something with a bit more grunt - say a P3-800 class
CPU. You probably want to err on the side of 'too much CPU' here if you
need to saturate a 10Mbps pipe with encrypted packets 24x7 but assuming
this is a point-to-point connection, any P3-class CPU should handle
that without missing a beat.
My VPN routers had uptimes way over 2 months, you can expect to
practically never reboot a Linux box if it is just sitting there
routing packets.
Reliability is always an issue with second-hand PCs but second-hand
server-class (e.g. rackmount stuff) is usually a pretty safe bet.
-Pete
On 2/08/2005, at 11:53 PM, Rob Giltrap wrote:
> I looking for recommendations for hardware to run a Linux VPN router
> setup.
>
> I want something that is fairly reliable (like it should only have to
> be rebooted maybe once every two months)
> It is also desirable if it has low power consumption as it'll run 24*7
> Should be inexpensive (but not at the expense of reliability)
> Can handle a full 10Mb/sec traffic load (this is critical)
> And is plentiful (i.e. I can buy 10 of them all the same)
>
> Thanks, Rob.
>
>
> --
> Wellington Linux Users Group Mailing List:
> wellylug at lists.wellylug.org.nz
> To Leave: http://lists.wellylug.org.nz/mailman/listinfo/wellylug
More information about the wellylug
mailing list