Hi, I''m researching for WAN optimizations with linux. My network is composed for MPLS network connecting 200 branches against a central site. I use Linux machines to provide security with IPSEC in the branches and in the central site. Now I''m lookup for techniques for optimization the link. My first ideas was use IPCOMP and proxy to cache traffic of HTTP applications. Somebody have any other idea to get better utilization of WAN links with Linux? I had seen commercial appliances that do dictionary compression and other cool things, but I don''t want to use they. regards, diegows -- ------------------- Diego Woitasen -------------------
On 6/6/2007 8:19 PM, Diego Woitasen wrote:> I''m researching for WAN optimizations with linux. My network is > composed for MPLS network connecting 200 branches against a central > site. I use Linux machines to provide security with IPSEC in the > branches and in the central site. Now I''m lookup for techniques for > optimization the link. My first ideas was use IPCOMP and proxy to > cache traffic of HTTP applications. Somebody have any other idea to > get better utilization of WAN links with Linux?I have never been a really big fan of trying to compress traffic on one side of a link and decompress it on the other side. Something else to consider is what you are trying to optimize. Are you trying to get more bandwidth, or better latency, or what. If you are dealing with lots of long distance links, you may want to look in to playing with TCP window size(s) so that you can have more data in transit at one time with out pausing for acknowledgments. I would recommend that you use QoS to make sure that your priority traffic is put through first and that the rest is shared as evenly as possible or as you want it to be. Proxies, local replicating file servers, local store and forward email servers that can directly route messages, are all good things. With out knowing more about your configuration, I can''t offer much more than general things to look at. Grant. . . .
> I''m researching for WAN optimizations with linux.Are you doing lots of HTTP and SSL traffic to an internal website? If so, maybe it makes sense to put Squid on your remote sites. Squid is an open source web proxy and I know at least some of the commercial stuff depends on it. I''ve had good luck at a few sites doing Squid. - Greg Scott
On 06/07/07 09:31, Diego Woitasen wrote:> My configuration is very simple, the branches only have HTTP and VOIP > traffc agaisnt central site. My question is about general tools to > optimize WAN traffic.Short of an HTTP proxy that uses compression between it and its parent proxy(s) and proper codecs, I can''t think of any thing else off hand to try to help. I suppose you could use PPP across the link and try deflate compression... But in my opinion the PPP encapsulation would just make things nasty. Grant. . . .