[l2tpns-users] VPN stress test hw/sw

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi

I'm working on a project involving a massive VPN setup: we're talking  
about an estimate of 10k-100k VPN clients, each one generating around  
2Mbps traffic, traffic that will be later processed in real-time by  
another software. The VPN is pure L2TP, without IPSec (don't need the  
traffic to be encrypted, no security/privacy concerns).

We already have a working test environment with Xelerance's xl2tpd as  
the LAC (have tried too with WinXP and some hw appliances, for the  
sake of interoperability testing) and l2tpns as the LNS, and want to  
run some test. We want to stress test the whole setup to get an idea  
of how many traffic-processing servers we need, how many LACs (and  
test several of them, both HW and SW), how to cluster them, how to  
escalate the whole setup as the number of clients and/or bandwith  
increases, etc.

What we need is:

- stablish lots of L2TP/PPP tunnels
- run standard TCP/IP protocols through each one of them (HTTP, FTP,  
POP, SMTP)
- monitor all the systems and software involved (this is the easy  
part...)
- fetch results: transacionts (HTTP, FTP...) that went OK, erros,  
timeouts, etc.

Something like Spirent's Valanache would be great, if it supported  
pure-L2TP VPNs (I *think* it only works with IPSec, please correct me  
if I'm wrong...)

Do you know of such a project/hardware/whatever? A commercial product  
could be OK (if our contractor is willing to pay for it...)

Right now I'm working on a "homegrown" testing platform consisting of  
a shell-script that opens a number of VPN connections and launches one  
curl-tester instance for each one of them, routing the traffic  
accordingly by means of iptables/iproute2 trickery. And all that  
inside a VMWare virtual machine, so that I can easily replicate the  
setup through the whole office. That would generate the load, the hard  
part is collecting all the logs and making some sense out of them.

Any help or hints will be very appreciated. :)

Regards,

PS: reply to me privately if you think I'm getting way too much off- 
topic here...

-- 
   Vicente Aguilar <bi...@bi...> | http://www.bisente.com