[c-nsp] How to terminate 100.000 IPsec VPN clients?
Florian Bauhaus
f.bauhaus at portrix-systems.de
Mon Sep 5 04:55:06 EDT 2011
On 09/04/11 13:39, Arie Vayner (avayner) wrote:
> Another option could be an ASR1K which can do quite a lot of IPSec.
When I look at the ESP Modules for the ASR1k they state:
"IPsec*: 10,000 tunnels (Hardware is capable of 10,000 tunnels.
Currently supported: 4,000)"
For 10k connections they might be interesting for just 4k they are not.
Any idea if/when the will support the 10k tunnels?
> I would most likely have looked into using a load balancer to load share
> between multiple "servers", and just add more IPSec nodes as the scale
> would require...
We took that into consideration already and it is likely that we will
use some :)
Best regards,
Florian
More information about the cisco-nsp
mailing list