On Mon, 2009-08-17 at 11:12 -0700, Peter Memishian wrote: > > As for what constitutes a reasonable size, for the case of a tunnel > > concentrator such as a VPN server or tunnel broker, perhaps thousands of > > tunnels isn't out of the question[1], and your observation that 389 > > being too small is valid. Perhaps increasing that ~20x or so to 6143 > > would be more than adequate. > > Yes, more than adequate (assuming a good distribution, of course -- and I > know you're checking into that already).
I gathered some data based on the current workload on an existing VPN server with 73 active tunnels. Not a huge number of tunnels, but that's what I have access to at the moment. With the table size I originally had of 389, the indices are relatively evenly distributed between 1 and 385 with 6 collisions (no two collisions went to the same bucket). With the new table size of 6143 the indices are still evenly distributed between 127 and 6059 with no collisions. I'm satisfied with that given the simplicity of the algorithm. I'd be glad to test the algorithm further with a larger sample size if someone wants to throw a real-world sample set of public IP addresses my way. (hint to any passive lurkers running a large-ish service on the internet) -Seb
