List Info

Thread: Scalability of a pppoe server.
Scalability of a pppoe server.
user name
 2006-09-30 20:06:38 
Hello

                   I'm doing administration on a FO network
backbone from a
campus network connecting 16 buildings, having ~ 3000users.
Internet access bandwidth alocated by the provider is
20Mbps.

                   In this moment, all connected locations
are routed to
internet throught local PCbased routers so the broadcast and
collision
domains are limited to the buildings connected.

I'm intending to do some changes into the network so my
further plan is to
give internet access using a single box with a pppoe server,
but I have some
concerns about it.

If someone have a real experience with pppoe in a production
environment
please give me some advices about:

1. How scalable is a pppoe server with 3000 users and how
much of hardware
resources eats in general. (CPU+physical memory)
2. All data from connected LANs would be trasported to pppoe
server throught
VLANs. Which would be the posibility of anyone from a
connected location of
doing a man in the middle attack and gather passwords from
its local area
network using arp poisoning? if that's possible, are there
any methods that
eliminates the effects on a such attack?

Thank you in advance!
Catalin Ioan I. CURCANU
_______________________________________________
freebsd-ispfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to
"freebsd-isp-unsubscribefreebsd.org"
Scalability of a pppoe server.
user name
 2006-10-01 13:03:24 
Catalin Ioan CURCANU wrote:
[ ... ]
> If someone have a real experience with pppoe in a
production environment
> please give me some advices about:
> 
> 1. How scalable is a pppoe server with 3000 users and
how much of hardware
> resources eats in general. (CPU+physical memory)

I can recall people setting up mpd for PPPoE and handling
500-1000 users on 
moderate (1GHz P3 + 1GB RAM) hardware.  I'm not sure whether
the program has a 
limit at 1024 due to the select() call, but perhaps others
can give you 
insight about running ~3000 users.

> 2. All data from connected LANs would be trasported to
pppoe server 
> throught VLANs. Which would be the posibility of anyone
from a connected location of
> doing a man in the middle attack and gather passwords
from its local area
> network using arp poisoning? if that's possible, are
there any methods that
> eliminates the effects on a such attack?

The simple answer is that it depends upon your switches and
setting up 
individual ports for specific VLANs properly, but in
general, you should not 
rely on VLAN switches to provide complete and reliable
separation of traffic.

   http://w
ww.sans.org/resources/idfaq/vlan.php

-- 
-Chuck
_______________________________________________
freebsd-ispfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to
"freebsd-isp-unsubscribefreebsd.org"
[1-2]

about | contact  Other archives ( Real Estate discussion Medical topics )