On Tue, Mar 10, 2009 at 3:12 AM, Bryan Berry <br...@olenepal.org> wrote:
> On Mon, 2009-03-09 at 21:51 -0700, Sameer Verma wrote:
>> On Mon, Mar 9, 2009 at 7:04 PM, Bryan Berry <br...@olenepal.org> wrote:
>> > On Tue, 2009-03-10 at 09:58 +1300, Martin Langhoff wrote:
>> >> On Mon, Mar 9, 2009 at 12:11 AM, Bryan Berry <br...@olenepal.org> wrote:
>> >> > I am worried about the XO's and not the XS.
>> >>
>> >> Now you're starting to see what I've seen :-/ I also worry about your
>> >> APs and networking infra -- to support 400 active users you'll want at
>> >> least 8 APs. In more realistic terms, you'll probably need 12,
>> >> assuming a reasonably balanced load.
>> >
>> > We will have roughly 8+ AP's. We have found that off-the-shelf AP's can
>> > handle around 60-70 users.  But that doesn't still doesn't solve the
>> > problem of the XO's getting bogged down by tons of ejabberd chatter.
>> >
>> > DSD: do you have any ideas about this?
>> >
>> > We are looking at about 100-150 students per school and connecting 3-4
>> > schools to a central XS.
>> >
>> >> As I mentioned before... I am working on xs-0.6, with the
>> >> moodle-ejabberd magic.
>> >
>> > That's great, but our pilot starts in a month but that doesn't fit our
>> > timeline. I don't want to send out a completely new, untested XS into
>> > rural parts of Nepal.
>> >
>> > Do you have any other suggestions fo us?
>> >
>> What if you had a small footprint box (like a soekris or routerboard)
>> at the school that talks to APs on one end via a switch, and does
>> tunneling back to XS in a central location? That way you would have a
>> fairly dumb tunnel unit at school (literally plug-and-play) and XS
>> management back at your central shop.
>> Sameer
> Thanks for the suggestion Sameer.
> I don't really understand what benifits the soekris or routerboard adds
> in this situation? Can u pls explain further?

The Soekris unit (say Soekris 4501 http://www.soekris.com/net4501.htm)
would sit at the school location talking to the APs via a switch on
one end and create a tunnel on the other end to your XS farm. The
tunnel runs over a VPN from school to XS farm. Both Soekris and
Routerboard have miniPCI slots that will take hardware accelerators
for VPN such as this one: http://www.soekris.com/vpn1401.htm so it is
possible to run VPNs on these boards.

Soekris units are almost zero maintenance (no moving parts etc.) and
can also double up as APs. One thing to note: the hw VPN accelerator
support under Linux isn't very robust. I've used it with BSD
(http://m0n0.ch/wall/) and it works well. It will do IPSec VPN
tunnels. http://m0n0.ch/wall/features.php

With a zero maintenance small footprint unit at the school (will run
with 12 V as well) and XS units at your "school server farm" you can
maintain the XS units locally and keep the school network running via
the VPN.

The last time I suggested this, the -1 reasoning was that you would
need a good connection between the school and the XS farm.

Dr. Sameer Verma, Ph.D.
Associate Professor of Information Systems
San Francisco State University
San Francisco CA 94132 USA

<<attachment: ole-nepal-vpn.png>>

Server-devel mailing list

Reply via email to