|
|
Jon Bendtsen wrote:
Another option could be to prevent new tunnels at the server with the
biggest load, that way new clients will be forced to the 2. server.
This could be done with a statefull iptables firewall that let existing
tunnels through, but disallows new.
I see what you're saying, it would make the connection process
potentially take slightly longer if it connects to a server that is not
accepting connections, as it would need to fail and then try the other,
but would essentially do what I want - I will experiment with this...
Jon Bendtsen wrote:
> I was just thinking. Just how many clients do you have such that one
> server can not handle the load? Or how big a pipe do you have?
>
> A via with hardware encryption is PRETTY fast.
It can handle the load, but the applications that are running over the
tunnels are generally very latency sensitive, and I can forsee problems
where with too many users on one endpoint, the latency will start to
creep up - I might be wrong with this of course, I haven't really been
able to test it at very high volumes to discover if this is the case or not.
Thanks for the suggestions etc,
Alex Brett
alex.brett@xxxxxxxxxx
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|