Re: Masquerade: Any large network limits?

seth (seth.edwards@POBOX.COM)
Wed, 31 Dec 1997 12:52:05 -0700 (MST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: kwrohrer@enteract.com: "Re: nfs client error w/2.1.76"
Previous message: Stephen Williams: "Re: Making module versions (Was: OFFTOPIC: binary modules, bad idea!)"

On Wed, 31 Dec 1997, Jacques Gelinas wrote:

> On Wed, 31 Dec 1997, Patrick Main wrote:
>
> >
> > I have been asked how many users can be masqueraded
> > with ONE linux server. This would be with kernel 2.0.33
> > with ethernet only connections and connected via T1 to
> > the Internet.
> >
> > At a local college i have a small intranet with about 60
> > machines <three student labs> running through a similar setup.
> > This has worked very well. Now there's a possibility of running
> > an entire county schoool district through a similar setup.
> >
> > With a recent Pentium box and of course PCI controllers "all"
> > Is there a memory problem although will probably have 64 Megs
> > Net cards will be Tulip based and probably Buslogic scsi.
> >
> > Major question is how many connections can linux masq "reliably"
> > ie: 1000 connects? what about 5000?
> > Would like to hear from anyone masquerading a large network and
> > there real life results.
> >
> > We are considering using one machine for the entire district or
> > if this is bad then multiple machines with a school or two assigned to
> > each box. Hence the question of: what are reasonable expectations of
> > one box handling?
>
> I have no precise numbers, but one site I help manage have a single DX4
> with 8 megs acting as firewall and masquerading box for a 32 schools.
>
> They are connected to the internet using a 256k link (which is incredibly
> overload). They will go to a T1. I don't expect the DX4 to change
>
> As far as I know, this machine pretty much do nothing: Almost idle all the
> time.
>
> A small but important detail. They are using a proxy for web and this
> proxy is going through the DX4 but is not masqueraded.
>
> For such a project anyway, I would go for a masquerading host + a
> transparent proxy with squid on the same server.
>
> --------------------------------------------------------
> Jacques Gelinas (jacques@solucorp.qc.ca)
> Linuxconf: The ultimate administration system for Linux.
> see http://www.solucorp.qc.ca/linuxconf
> new developments: remote GUI admin, multiple machines admin
>
>
>
>

There is no Emotion, There is Peace
There is no Ignorance, There is Knowledge
There is no Passion, There is Serenity
There is no Death, There is the *****

Next message: kwrohrer@enteract.com: "Re: nfs client error w/2.1.76"
Previous message: Stephen Williams: "Re: Making module versions (Was: OFFTOPIC: binary modules, bad idea!)"