Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris 10 IPSec peformance
Operating Systems Solaris Solaris 10 IPSec peformance Post 302097220 by blombo on Wednesday 22nd of November 2006 10:14:38 AM
Old 11-22-2006
Solaris 10 IPSec peformance
Hi,

does anyone have an experience how many IPSec tunnels Solaris 10 is able manage. A rough estimation would be great.
I know it's hardly dependent on the hardware used, so if anyone says on a 490 with 2 CPUs and 4GB RAM a maximum of 1000 IPSec tunnels is possible, that would be great.

I made some tests on a 480 and I was able to have 250 tunnels at one time with good performance but then I ran out of hardware.

Thanks in advance,
blombo
 

9 More Discussions You Might Find Interesting

1. IP Networking

IPSec VPN Routing

Hello, I'm trying to setup a gateway VPN between two routers across an unsecured network between two local networks. The routers are both linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue. ... (0 Replies)
Discussion started by: salukibob
0 Replies

2. Red Hat

ipsec policy not working

Hi, I am trying to set a policy between 2 machines for all the ports except for 22 i.e. for tcp - basically I want to bypass ssh. But my policy doesn't seem to work. Here are the entries spdadd 1.2.3.4 4.3.2.1 any -P out prio 100 ipsec esp/transport//require ah/transport//require; spdadd... (0 Replies)
Discussion started by: ahamed101
0 Replies

3. Solaris

Clients for Solaris IPSEC tunnel

Hi all, I'm running solaris x86_64 as a home server and am quite happy with it. Currently I'm working with Solaris 10 and 11 express. Typically I tunnel traffic to it via ssh with port forwards, but I'm interested in using the built in IPSEC features that Solaris has. I've setup a solaris... (1 Reply)
Discussion started by: vectox
1 Replies

4. BSD

Problem on IPSec

Hi, this is my first post...:p Hello Admin :) Can I have an ask for something with my configuration ? I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely. I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Discussion started by: aulia
0 Replies

5. Solaris

Connecting Solaris 10 to Cisco PIX with IPsec tunnel

I having problem connecting to a Cisco PIX Log from IKE # /usr/lib/inet/in.iked -f /etc/inet/ike/config -d Jan 16 00:40:57: 2012 (+0800) *** in.iked started *** Jan 16 00:40:57: Loading configuration... Jan 16 00:40:57: Checking lifetimes in "nullrule" Jan 16 00:40:57: Using default value... (0 Replies)
Discussion started by: conandor
0 Replies

6. UNIX for Advanced & Expert Users

Ipsec implementation

How can i implement Ipsec between two machines in linux_ ubuntu? any link?? suggestion?? (0 Replies)
Discussion started by: elinaz
0 Replies

7. Cybersecurity

IPSEC

hello, after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration! I also generate different key for AH and ESP as i have shown below. what is my problem and what should i do to have ping and test the configuration? code: ... (0 Replies)
Discussion started by: elinaz
0 Replies

8. AIX

Allow port range using IPsec?

Hi Guys, Please could you tell me if it is possible to have a single rule/filter to allow a certain port range instead of a separate rule for each port? I'm sure it must be possible but I am unable to find the syntax. Thanks Chris (4 Replies)
Discussion started by: chrisstevens
4 Replies

9. Solaris

What's wrong with my ipsec configuration?

I want a lan encrypted with ipsec. This is my /etc/inet/ike/config p1_xform { auth_method preshared oakley_group 5 auth_alg sha256 encr_alg aes } p2_pfs 2 this is my /etc/inet/secret/ike.preshared # ike.preshared on hostA, 192.168.0.21 #... { localidtype IP localid... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies

LEARN ABOUT HPUX

ipsec_config_delete

ipsec_config_delete(1M) 												   ipsec_config_delete(1M)

NAME

       ipsec_config_delete - delete configuration records from the HP-UX IPSec configuration database and delete certificate files

SYNOPSIS

       object_name

       ip_addr

       object_name

       object_name

       object_name

       object_name

DESCRIPTION

       The  command deletes configuration records from the configuration database and certificate data.  If HP-UX IPSec is active and running, the
       data (IPsec policy, authentication record or bypass list entry) is also deleted from the runtime policy	database.   If	you  delete  IPsec
       policies  that have active Security Associations (SAs), HP-UX IPSec removes the SAs from the Security Association Database (SADB) and sends
       a delete notification to the remote system.  If HP-UX IPSec removes an IKE policy, the associated IPSec SAs can remain active, but  no  IKE
       control messages can be sent.

       The  command deletes the certificate for the local system and the related private key file from the directory.  It does not delete certifi-
       cates for CAs or Certificate Revocation Lists (CRLs).  To delete these objects, you must manually delete the files in the  directory.   You
       can use the command to display the file names with the subject names for the CA certificate files and the issuer names for the CRL files.

       You cannot delete the configuration object.

   Options and Operands
       The command recognizes the following options and operands:

	      object_name
		   Specifies the name of the object you are deleting.

		   Do not use this argument when deleting a configuration object.

		   You cannot delete the host, IKEv1, or IKEv2 policies.

	      ip_addr
		   Specifies the IP address of the entry in the bypass list you are deleting.

EXAMPLES

       The following command deletes the host IPsec policy named

AUTHOR

       was developed by HP.

FILES

       configuration database.

       default			profile file.

SEE ALSO

       ipsec_admin(1M),    ipsec_config(1M),   ipsec_config_add(1M),   ipsec_config_batch(1M),	 ipsec_config_export(1M),   ipsec_config_show(1M),
       ipsec_migrate(1M), ipsec_policy(1M), ipsec_report(1M).

							   HP-UX IPSec Software Required				   ipsec_config_delete(1M)
All times are GMT -4. The time now is 11:17 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy