[Openswan Users] What are Performance notes in OpenSwan?

Dariush Zahedmanesh zahedmanesh at gmail.com
Sat Jul 26 04:26:13 EDT 2008


Hello All

I am attempting to use OpenSwan VPN gateways to my following attached
network topology design, there are 3 levels of LAN in this network.

The Algorithms are AES-128 with SHA1-160 and RSA Authentication in tunnel
mode.

In first step I used GRE + IPSec together, so there were reduced tunnel
numbers with a lot of routes (either static or dynamic).

Then I create Full mesh (site to site) configuration (any host in any subnet
can ping other in ESP mode) that provide (705*704)/2 tunnels, awful!!! The
tunnel management in last case will be very difficult.

   - I would like to know what solution (IPSec with GRE, Full Mesh, OE with
   DNSSEC) is the best choice for high performance and reliable secure network?
   - I would like to know what hardware (CPU + Main Memory + Storage) are
   required to saturate this network topology without any failures?

Any help would be great.

Thanks.

Dariush Zahedmanesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080726/9678c95a/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: VPN.pdf
Type: application/pdf
Size: 58952 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20080726/9678c95a/attachment-0001.pdf 


More information about the Users mailing list