On Thu, Dec 09, 2021 at 03:28:40AM +0100, Petr Menšík wrote: > On 12/5/21 19:44, Fabian Druschke wrote: > > Hey friends, i hope you all are doing fine. > > > > Currently i'm facing a little challenge. I have a large network with > > more or less 30k clients, and i need a router for NAT from the LAN > > subnets, in the 10.0.0.0/8 address space to the outside WAN public ip > > address. So it's a quite simple scenario. > > > > I've purchased a Juniper MX150 router already, but it was the wrong > > choice due to the lack of NAT support at all. So i wanted to use > > OpenWrt for this scenario, because it is really really simple to set > > up for this use. > > > > What i'm struggeling with, is the DHCP server included on OpenWrt. By > > default it's dnsmasq, and it's easy to configure through the LuCi web > > interface. Before going into production i'd like to make sure if > > dnsmasq is designed or capable to handle this amount of clients (peak > > 30k / 5 requests per second). > > > > Does someone have experience with such a scenario, and is there a > > proper tool to benchmark DHCP ? > > > > Interesting, I am just debugging situation when multiple instances start > and request DHCP at similar time. Without no-ping option, it works quite > bad. Even starting 16 instances at the same time does not work reliably > to us with ping enabled. It seems our 2.79 version is broken, 2.81 were > fixed. But if you have 5 requests per seconds, I would use more heavy > server. Dnsmasq is great for small networks, but I think it has no > design for high performance. It does not scale well with hundreds or > thousands clients. > > Make sure you use no-ping for good performance. Ping code does just one > at a time, which makes it quite slow if enabled. I would try dhcp-server > or kea, it seems you have big enough network.
I would avoid single points of failure. Groeten Geert Stappers -- Silence is hard to parse _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
