100K openvpn users
-
Hi,
I'm trying to setup 100K predefined users with certification, I created script to add them all.
once the script reached to 9K users, openvpn become very slow.
Any idea how to figure out what is the root cause for it ?Thank you,
Shamir -
hows the cpu/memory/disk usage when adding this ammount of users? is the GUI still working?
-
The built-in user manager on pfSense is not designed for that sort of scale. For that many users, you should be using a dedicated authentication server like RADIUS or LDAP.
You can keep the users off the box and generate certificates locally if you wish, the export package should still be able to pick up on that so long as the certs are made from the same CA.
-
I'm trying to setup 100K predefined users with certification, I created script to add them all.
On what hardware you are trying this to realize?
once the script reached to 9K users, openvpn become very slow.
And writing a script that adds even and only adding 5000 users per run should not work?
Any idea how to figure out what is the root cause for it ?
- The CPU is to lame
- The RAM size is to low
- The storage is to slow or small
Why not using an external OpenVPN Server? We use CentOS 6.6 and SoftEtherVPN Server on it.
Intel E3-1286v3 / 32 GB ECC RAM / Samsung840 Pro 512 GB SDD
Comtech AHA600 VPN acceleration card (AES-CBC)
Comtech AHA PCIe372 compresison card (on each side)
