Hi
I'm about to add stunnel to my buildroot embedded project (ARM926EJ-S) and I was hoping the list could answer a few performance questions?
I've been looking for a way to encrypt the connections between my embedded units and my server. From what I understood about openvpn, the server starts to give problems beyond 1024 "concurrent sessions" .... I'm looking at a design that can handle 4K concurrent sessions....although it'll take a few years to get that big.
My embedded devices have a GSM modem and setup a ppp0 interface over gprs. I'm considering stunnel in the hope that I could have up to 3000 stunnel connections coming into my servers. I say 3K because by the tike I reach this figure I hope to have implemented better switches and off load the overhead of the encrypted connection to the switch.
The requirement is that the embedded "non-ssl aware client" will be able to communicate with the server over a secure tunnel.
Am I completely on the wrong road? .... could stunnel cater for something like this?
Thanks in advance!
On Mon, 2011-03-14 21:08:50 +0000, bruce bushby wrote:
[..]
could stunnel cater for something like this?
Provided the client is talking TCP, and the destination port is kown beforehand, yes.
Ludolf
bruce bushby wrote:
I've been looking for a way to encrypt the connections between my embedded units and my server. From what I understood about openvpn, the server starts to give problems beyond 1024 "concurrent sessions" .... I'm looking at a design that can handle 4K concurrent sessions....although it'll take a few years to get that big.
Use "ulimit -n".
Also be aware of memory requirements for large number of concurrent connections: http://www.stunnel.org/?page=perf
Best regards, Michal Trojnara
-
bruce bushby -
Ludolf Holzheid -
Michal Trojnara