1. Home
  2. pfSense® Software
  3. Hardware
  4. Max number of ipsec tunnel?

Max number of ipsec tunnel?

  • B

    Hello
    is there any limit to number of ipsec tunnels on pfsense?
    we have currently soekris net 6501-70 boards across all our branch offices
    i'd like to know how many ipsec tunnels can the soekris system handle situated at our HQ?
    And what throughput do you guys think can be achieved at max?
    Will be grateful if someone has any info regarding that

    0
  • J

    It's not the number of tunnels that's the problem, it's the throughput.  Those boxes aren't very fast and will top out pretty low.  I've long since stopped using my 6501 so I can't speak to improvements made in 2.2.x, but I doubt you'd see more than 70-80Mbit/s.

    0
  • B

    @Jason:

    It's not the number of tunnels that's the problem, it's the throughput.  Those boxes aren't very fast and will top out pretty low.  I've long since stopped using my 6501 so I can't speak to improvements made in 2.2.x, but I doubt you'd see more than 70-80Mbit/s.

    yes throughput would be affected i know
    we have 8 branches so as per your estimate, throughtput will be hardly 10-20 mbit/s :/

    0
  • J

    @bhawk6901:

    @Jason:

    It's not the number of tunnels that's the problem, it's the throughput.  Those boxes aren't very fast and will top out pretty low.  I've long since stopped using my 6501 so I can't speak to improvements made in 2.2.x, but I doubt you'd see more than 70-80Mbit/s.

    yes throughput would be affected i know
    we have 8 branches so as per your estimate, throughtput will be hardly 10-20 mbit/s :/

    8 IPSec tunnels is nothing so you're fine there.

    As to throughput, yes, if they're all running full out, expect no more than 10-20Mbit/s per location.  If you expect them to be running in that range you may want to consider limiters or traffic shaping as well, just to make sure that one location doesn't monopolize your entire capacity.

    0
  • B

    @Jason:

    @bhawk6901:

    @Jason:

    It's not the number of tunnels that's the problem, it's the throughput.  Those boxes aren't very fast and will top out pretty low.  I've long since stopped using my 6501 so I can't speak to improvements made in 2.2.x, but I doubt you'd see more than 70-80Mbit/s.

    yes throughput would be affected i know
    we have 8 branches so as per your estimate, throughtput will be hardly 10-20 mbit/s :/

    8 IPSec tunnels is nothing so you're fine there.

    As to throughput, yes, if they're all running full out, expect no more than 10-20Mbit/s per location.  If you expect them to be running in that range you may want to consider limiters or traffic shaping as well, just to make sure that one location doesn't monopolize your entire capacity.

    Thanks for your insight :)

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy