From owner-freebsd-isp@FreeBSD.ORG Sat Sep 30 20:06:41 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9112916A403 for ; Sat, 30 Sep 2006 20:06:41 +0000 (UTC) (envelope-from catalin.curcanu@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.231]) by mx1.FreeBSD.org (Postfix) with ESMTP id B433243D49 for ; Sat, 30 Sep 2006 20:06:39 +0000 (GMT) (envelope-from catalin.curcanu@gmail.com) Received: by wx-out-0506.google.com with SMTP id i27so1287264wxd for ; Sat, 30 Sep 2006 13:06:39 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=nnFi2g1/nyew0jWf/tzF6Go1i5DCAxMx6a6g6Q9OUAdH9qd+8y6BB7jQVnbhNAnz49y99uvc6rWUMep3HDq/9Yz82yc2+B4yi3dXXawOvXmP2InCD/DOvofQ58QhaRoTKTaOqb6CV+1geyeiB8O9QMKKzHl1l96TN3OstdYMdRw= Received: by 10.90.25.3 with SMTP id 3mr1216209agy; Sat, 30 Sep 2006 13:06:38 -0700 (PDT) Received: by 10.90.115.18 with HTTP; Sat, 30 Sep 2006 13:06:38 -0700 (PDT) Message-ID: <4f4ba40e0609301306w2f21fba8x8f39dd2746be5eec@mail.gmail.com> Date: Sat, 30 Sep 2006 13:06:38 -0700 From: "Catalin Ioan CURCANU" To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Scalability of a pppoe server. X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Sep 2006 20:06:41 -0000 Hello I'm doing administration on a FO network backbone from a campus network connecting 16 buildings, having ~ 3000users. Internet access bandwidth alocated by the provider is 20Mbps. In this moment, all connected locations are routed to internet throught local PCbased routers so the broadcast and collision domains are limited to the buildings connected. I'm intending to do some changes into the network so my further plan is to give internet access using a single box with a pppoe server, but I have some concerns about it. If someone have a real experience with pppoe in a production environment please give me some advices about: 1. How scalable is a pppoe server with 3000 users and how much of hardware resources eats in general. (CPU+physical memory) 2. All data from connected LANs would be trasported to pppoe server throught VLANs. Which would be the posibility of anyone from a connected location of doing a man in the middle attack and gather passwords from its local area network using arp poisoning? if that's possible, are there any methods that eliminates the effects on a such attack? Thank you in advance! Catalin Ioan I. CURCANU