From: Vicente A. <bi...@bi...> - 2008-02-04 20:24:10
|
Hi I'm working on a project involving a massive VPN setup: we're talking about an estimate of 10k-100k VPN clients, each one generating around 2Mbps traffic, traffic that will be later processed in real-time by another software. The VPN is pure L2TP, without IPSec (don't need the traffic to be encrypted, no security/privacy concerns). We already have a working test environment with Xelerance's xl2tpd as the LAC (have tried too with WinXP and some hw appliances, for the sake of interoperability testing) and l2tpns as the LNS, and want to run some test. We want to stress test the whole setup to get an idea of how many traffic-processing servers we need, how many LACs (and test several of them, both HW and SW), how to cluster them, how to escalate the whole setup as the number of clients and/or bandwith increases, etc. What we need is: - stablish lots of L2TP/PPP tunnels - run standard TCP/IP protocols through each one of them (HTTP, FTP, POP, SMTP) - monitor all the systems and software involved (this is the easy part...) - fetch results: transacionts (HTTP, FTP...) that went OK, erros, timeouts, etc. Something like Spirent's Valanache would be great, if it supported pure-L2TP VPNs (I *think* it only works with IPSec, please correct me if I'm wrong...) Do you know of such a project/hardware/whatever? A commercial product could be OK (if our contractor is willing to pay for it...) Right now I'm working on a "homegrown" testing platform consisting of a shell-script that opens a number of VPN connections and launches one curl-tester instance for each one of them, routing the traffic accordingly by means of iptables/iproute2 trickery. And all that inside a VMWare virtual machine, so that I can easily replicate the setup through the whole office. That would generate the load, the hard part is collecting all the logs and making some sense out of them. Any help or hints will be very appreciated. :) Regards, PS: reply to me privately if you think I'm getting way too much off- topic here... -- Vicente Aguilar <bi...@bi...> | http://www.bisente.com |