Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Max number of ipsec tunnel?

    Hardware
    2
    5
    716
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bhawk6901 last edited by

      Hello
      is there any limit to number of ipsec tunnels on pfsense?
      we have currently soekris net 6501-70 boards across all our branch offices
      i'd like to know how many ipsec tunnels can the soekris system handle situated at our HQ?
      And what throughput do you guys think can be achieved at max?
      Will be grateful if someone has any info regarding that

      1 Reply Last reply Reply Quote 0
      • J
        jasonlitka last edited by

        It's not the number of tunnels that's the problem, it's the throughput.  Those boxes aren't very fast and will top out pretty low.  I've long since stopped using my 6501 so I can't speak to improvements made in 2.2.x, but I doubt you'd see more than 70-80Mbit/s.

        1 Reply Last reply Reply Quote 0
        • B
          bhawk6901 last edited by

          @Jason:

          It's not the number of tunnels that's the problem, it's the throughput.  Those boxes aren't very fast and will top out pretty low.  I've long since stopped using my 6501 so I can't speak to improvements made in 2.2.x, but I doubt you'd see more than 70-80Mbit/s.

          yes throughput would be affected i know
          we have 8 branches so as per your estimate, throughtput will be hardly 10-20 mbit/s :/

          1 Reply Last reply Reply Quote 0
          • J
            jasonlitka last edited by

            @bhawk6901:

            @Jason:

            It's not the number of tunnels that's the problem, it's the throughput.  Those boxes aren't very fast and will top out pretty low.  I've long since stopped using my 6501 so I can't speak to improvements made in 2.2.x, but I doubt you'd see more than 70-80Mbit/s.

            yes throughput would be affected i know
            we have 8 branches so as per your estimate, throughtput will be hardly 10-20 mbit/s :/

            8 IPSec tunnels is nothing so you're fine there.

            As to throughput, yes, if they're all running full out, expect no more than 10-20Mbit/s per location.  If you expect them to be running in that range you may want to consider limiters or traffic shaping as well, just to make sure that one location doesn't monopolize your entire capacity.

            1 Reply Last reply Reply Quote 0
            • B
              bhawk6901 last edited by

              @Jason:

              @bhawk6901:

              @Jason:

              It's not the number of tunnels that's the problem, it's the throughput.  Those boxes aren't very fast and will top out pretty low.  I've long since stopped using my 6501 so I can't speak to improvements made in 2.2.x, but I doubt you'd see more than 70-80Mbit/s.

              yes throughput would be affected i know
              we have 8 branches so as per your estimate, throughtput will be hardly 10-20 mbit/s :/

              8 IPSec tunnels is nothing so you're fine there.

              As to throughput, yes, if they're all running full out, expect no more than 10-20Mbit/s per location.  If you expect them to be running in that range you may want to consider limiters or traffic shaping as well, just to make sure that one location doesn't monopolize your entire capacity.

              Thanks for your insight :)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy