[Seattle-SAGE] VPN-in-a-box recommendations?

Robin Battey zanfur at zanfur.com
Thu Feb 23 14:06:29 PST 2006 

On Thu, Feb 23, 2006 at 01:37:21PM -0800, Atom Powers wrote:
> not as bad as the WatchGuard). Frankly I wouldn't use NetGear for
> anything but the lowest priority infrastructure, in my experience they
> have some very serious overheating issues.

Seconded.  Even for low priority infrastructure, they still overheat, and 
it sucks to get an IT help ticket complaining that an office has no 
internet, only to find that it's the switch they're plugged the wall jack 
into.  They overheat like crazy.

> QoS isn't going to do you much good on a VPN. Sure, you can give some
> data priority on your endpoints (VPN server, VPN client) the whole
> wide internet in between doesn't give a rat's @$$ about your data.

While I can't speak from direct experience here, I think it will do lots
of good.  The bottleneck for VoIP is usually the endpoint bandwidth,
because the next hop (the one at the ISP) can usually handle vast amounts
of data throughput.  So, your effective VoIP bandwidth is essentially how
much you can shunt through your own pipes.  If you're sharing your VoIP
bandwidth equally with your data, then your effective VoIP bandwidth is
considerably smaller than if you give it priority.  Even though the rest
of Teh Intarweb doesn't care.

Also, I hope you have a FAT pipe.  Your standard VoIP channel takes around 
90kbps in both directions.  That's 90kbps worth of a T1, DC3, or other 
full-duplex pipe, but it's more like 180kbps of DSL, because DSL is *not* 
full duplex (ADSL and SDSL are both single-duplex).  You really don't want 
to run any sort of multi-channel VoIP (unless you can compress it somehow) 
over anything less than a T1 (and note that 3.0gbps SDSL is the 
bandwidth equivalent to a T1).

Cheers!
-robin

--

                              Robin  Battey
                            zanfur at zanfur.com

Messages from this address are signed with key 0x6A57B07D.  Fingerprint:
           3914 F63C A99C 8EC1 785B  8287 1D8B D2F3 6A57 B07D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.sasag.org/pipermail/members/attachments/20060223/e54b9647/attachment.bin>

More information about the Members mailing list