Peter Hicks wrote:
> All,
>
> I have a dual 3GHz Xeon machine with a 2.4.21 kernel and thousands (15k+) of
> ipip tunnel interfaces. These are being used to tunnel traffic from remote
> routers, over a private network, and handed off to a third party.
[]
> Is there a userspace program which would handle this application better than
> using interfaces?
Not that it may be suitable for your case because of various reasons (including
but not limited to your use of specific - IPIP - type of tunnels, interoperability
issues), but take a look at the tinc principles -- http://www.tinc-vpn.org/ . They
use single interface (based on tun driver) and a single select-loop-based userspace
program. Initially you configure routing to route ALL your peer's traffic to this
interface, and next tincd takes care of {dis,re}appearing peers, shortest pathes,
{un}reachability of certain networks and so on.
I don't know whenever their implementation scales up to 15K+ peers any better than
current in-kernel implementation, but I think it's easier to deal with this stuff
in userspace anyway. And the principles which are in the base of tinc are very..
interesting and are unique (as far as I know) to it, making this solution ideal for
certain setups.
/mjt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
