At 02:09 PM 4/8/98 +0100, Nigel Metheringham wrote:
>
>[EMAIL PROTECTED] said:
>} I have +/- 200 small networks (+/- 7 clients / network) to connect to
>} internet. These networks use private IP (172.27.X.X serie) and I ll
>} use masquerading to give Interney access.
>
>} Virtually, I must support at least 200 * 7 = 1400 connexions at the
>} same time.
>
>Why do you say that??
>You are assuming they all make one connection at a time, all the time?
Because the infrastructure must work in the worst case.
In order way, each user (on a pc) may generate several connexions at a time.
For example, 2 browers opened at the same time.
>Masq has a limit on the number of simultaneous connections - normally 4096
>per protocol (TCP, UDP & ICMP) - this can be modified within limits by
>editing linux/include/net/ip_masq.h (however the max you could do would be
>32K).
OK, I saw the source.
I modify it to support +/- 24K (24 * 1024) simultaneous connections.
>Connections are not the limitation. Nor is RAM. Your limit is the
>bandwidth available. I guess a moderate spec PC would be OK to 2Mbit
>connectivity (maybe less if it was doing PPP as well). Above that you are
>probably hitting other limitations than sheer processing power - IO
>throughput for example.
Really ?
When the kernel masquerades, it keeps some informations in memory about the
connections like IP source, Port source, Port destination on private card,
time out information,.... This must take memory.
The bandwidth doesnt reduce the number of users but their facilities to
surf (less bandwidth / user).
Ing. Luigi Giacobbe
C.I.R.B. - Cellule T�l�matique
Av. des Arts, 10
1000 BRUXELLES
T�l - +32 2 282.47.79
FAX - +32 2 230.31.07
EMail - [EMAIL PROTECTED]
U.R.L. - http://www.cirb.irisnet.be/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
