Sizing for Captive Portal
-
Hi everybody, I am looking for an appliance with the ressources to hande about ~600 CP users in average. This said, I do not know a realisitc numer of IP connections. Usage is for a large hotel. We have currently a 600Mbit synchronous ISP connection. At the moment this is handeld by a pfsense VM with 8GB RAM and Xeon CPU which is about 5 years old. I think the current system is much more then needed. I was thinking about a 6100 netgate appliance instead. There is no need for any VPN (only for remote adminstration of the network, so max 1-3 connection, so this should be no point) ... Are my thoughts realistic? Thanks for answers in advance!
-
@diwoda
If the device handles the bandwidth without portal then it'll probably do fine with it.AFAIK CP doesn't add a huge overhead.
-
@heper thx
-
@diwoda said in Sizing for Captive Portal:
for a large hotel
I'm using it for a small hotel (32 rooms).
Look here https://forum.netgate.com/topic/174489/22-05-cp-clients-have-connectivity-issues-after-x-amount-of-time for a large school.
A couple of 100 users is 'nothing', if you have the bandwidth to share to make them happy.Remember : a captive portal network uses the same resources on a pfSense firewall as a normal LAN networks with an identical number of users.
The portal part is only used during authentication : showing a web 'login' page - and handling the POST of that webpage, and if succeeded, adding the users IP and MAC in a firewall table.Note that the link shown above talks about user bandwidth limiting, that failed. But the issue has been found and can be solved easily.
edit : lol, the user who found the issue was @heper
-
@gertjan hi, thank you aswell...as far as i've overflown the post, the problem only happens in combination with radius athentication. this is not what i do in my scenario. i do no auth at all, but just a simple "click through" CP... however. I'm well aware of the fact that the CP by itselfs does not create heavy load. overall i lack experience with how much ressources houndrets simoultanous connects need (without any additional services like proxy or whatever which would add more load). what i see is, that my current system seems to have no problems at all with ~600 users with peaks of 300-500Mbits throughput. but as i said, right now I have a xeon system. i do not want to risk that, after switching to a new appliance with "only" a atom (but much newer) cpu, i'm going to have problems related to missing power ;-)
-
an additional question to this post: does anybody know what the definition of "small", "medium" and "large" business is? in all recommendations from netgate they define it in this scale but I was not able to find a hint where they explaine what they think that small, medium and large is?
