hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Specialty Hosting and Markets : VPN Hosting, practicality, automation solutions?
Reply

Forum Jump

VPN Hosting, practicality, automation solutions?

Reply Post New Thread In Specialty Hosting and Markets Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 11-02-2008, 05:56 AM
NuCode NuCode is offline
Aspiring Evangelist
 
Join Date: Nov 2004
Location: Finland
Posts: 438
VPN Hosting, practicality, automation solutions?

I've been thinking about starting a VPN hosting service, the grand idea is something along these lines:
Lots of people live abroad, but would prefer to listen to radio stations on their home country (atleast for Finnish people that is), however, Finnish regulation says that the streams may only work for finnish origin IP addresses. So a VPN is a solution here, a legitimate solution (Finnish website, so it's very highly unlikely that non-finns would order the service). This would be the main target customer base.
and on more mainstream, just offer a secure VPN tunnel to other part of the world to avoid snooping, content filtering (China ...) etc. used in some places. (this is the mainstream selling page offering, VPNs located in US, Netherlands and Germany)
So, i'm looking for is there any automated solutions out there yet?
OpenVPN seems good choice as the VPN providing software on Linux boxes, PoPToP is too limited (needs client IP Address as well). Is there suggestions to look on other implementations aswell? Any hassles with using OpenVPN?
Windows could be affordable too, it's dead easy to setup manually, but is there a automated fashion i could use to setup VPNs on a windows box? Mainly it would require adding new VPN users.
I'm planning to stick upto 60 clients per box of Pentium D 3Ghz / Core2Duo ~2.2-2.4ghz / Xeon dualcore (Core2Duo arch) with 1Gb-2Gb ram. Is this sufficient hardware? What are the hardware requirements basically, how much resources does an VPN need?
I see it needing some ram during data transfers as buffer, but i would assume it's going to be max peak of around 50mb per client, and on regular usage 1-3mb, and CPU power mostly on opening the tunnel(handshake)? on regular use, CPU power of a client on a 3Ghz Pentium D i would suppose to be around 1%?
Network I/O on that many clients is the obvious bottleneck as with 60 clients using simultaneously 100Mbps is saturated rather easy.
Also using Linux i'm thinking i would do small time traffic shaping:
* Prioritise port 22, 80 (on this order), others equivalent share
* Pseudo Proxy (transparent), a squid proxy caching image files etc. to lessen bandwidth demand
* Cap clients to 25Mbps maximum so 1 client cannot saturate the connection and most people don't even have 25Mbps speed.
Should i also pass through TOR the web traffic? Or sell that as a added service? TOR would slow down surfing tho
On legalities, how worried i should be about using it for very immoral activities, and how would the privacy policies be drafted? Log no traffic at all? Keep no client details, only use recurring subscriptions with as little data collected as possible?
Any other recommendations?
Thank You! ^^





__________________
NuCode
Web Development and Hosting services



Sponsored Links
  #2  
Old 11-02-2008, 07:11 AM
topgun topgun is offline
Web Hosting Master
 
Join Date: Aug 2003
Posts: 572
Quote:



Originally Posted by Skal Tura


On legalities, how worried i should be about using it for very immoral activities, and how would the privacy policies be drafted? Log no traffic at all? Keep no client details, only use recurring subscriptions with as little data collected as possible?
Any other recommendations?
Thank You! ^^


I think this will be the most challenging part of the business and you will certainly require professional legal advice, which will not be cheap at all.
The extent to which you will need to regulate your service will depend on the country in which your servers physically exist, the laws of the country in which your business in incorportated and any other restrictions of your ISP. (I hear Leaseweb are very flexible in the regard ).
Technically speaking, you can automate everything with OpenVPN, including compiling custom client installers for lots of operating systems.





Last edited by topgun : 11-02-2008 at 06:14 AM.

  #3  
Old 11-02-2008, 02:57 PM
NuCode NuCode is offline
Aspiring Evangelist
 
Join Date: Nov 2004
Location: Finland
Posts: 438
Quote:



Originally Posted by topgun


I think this will be the most challenging part of the business and you will certainly require professional legal advice, which will not be cheap at all.
The extent to which you will need to regulate your service will depend on the country in which your servers physically exist, the laws of the country in which your business in incorportated and any other restrictions of your ISP. (I hear Leaseweb are very flexible in the regard ).
Technically speaking, you can automate everything with OpenVPN, including compiling custom client installers for lots of operating systems.


Indeed, i do agree this is the most challenging part. The easy route would be to "Customers use the service on their own liability, and are responsible for their own actions. We have to share your contact details with authorities shall such requests come", but customers wouldn't like that probably





__________________
NuCode
Web Development and Hosting services

Sponsored Links
  #4  
Old 11-08-2008, 10:04 AM
mrzippy mrzippy is offline
Mr. Awesome
 
Join Date: Jul 2002
Posts: 5,976
I am curious to know what kind of software you are using to manage the openVPN software.





__________________
Want to sell domain names? Sign up today for an eNom.com reseller account from a trusted eNom ETP provider.* We provide support and service to over 3245 happy eNom domain name and SSL certificate resellers!

  #5  
Old 11-08-2008, 10:47 AM
NuCode NuCode is offline
Aspiring Evangelist
 
Join Date: Nov 2004
Location: Finland
Posts: 438
well nothing yet, that's why this thread. It'll be custom tailored most likely.





__________________
NuCode
Web Development and Hosting services

  #6  
Old 11-13-2008, 02:01 PM
InfiniteTech InfiniteTech is offline
Premium Member
 
Join Date: Dec 2006
Location: Netherlands
Posts: 1,428
Quote:



Originally Posted by Skal Tura


So, i'm looking for is there any automated solutions out there yet?


There are a lot of VPN providers here. I am sure some will be glad to help you out.
Quote:



Originally Posted by Skal Tura


OpenVPN seems good choice as the VPN providing software on Linux boxes, PoPToP is too limited (needs client IP Address as well). Is there suggestions to look on other implementations aswell? Any hassles with using OpenVPN?


OpenVPN request the client IP too. How on earth will it setup a tunnel without knowing the other end?
Your telling me USPS (PoPToP) can deliver post only when they have the client's address where as FedEx (OpenVPN) can deliver a post without the client's address?
Quote:



Originally Posted by Skal Tura


I'm planning to stick upto 60 clients per box of Pentium D 3Ghz / Core2Duo ~2.2-2.4ghz / Xeon dualcore (Core2Duo arch) with 1Gb-2Gb ram. Is this sufficient hardware? What are the hardware requirements basically, how much resources does an VPN need?
I see it needing some ram during data transfers as buffer, but i would assume it's going to be max peak of around 50mb per client, and on regular usage 1-3mb, and CPU power mostly on opening the tunnel(handshake)? on regular use, CPU power of a client on a 3Ghz Pentium D i would suppose to be around 1%?


Servers are not the way to go. Servers have a low PPS compared to routers made for the purpose. When you do go with a router, your only limit would be the max users limit placed by the router and your bandwidth - you don't have to worry about CPU, RAM, HDD I/O, etc.
These routers cost from 50 USD to 5000 USD. Get one which offers 128 bit encryption with around 200~ users - should cost around 500 USD; good one. That way, you can save a lot on power + colocating that router!
Quote:



Originally Posted by Skal Tura


On legalities, how worried i should be about using it for very immoral activities, and how would the privacy policies be drafted? Log no traffic at all? Keep no client details, only use recurring subscriptions with as little data collected as possible?


That is dependent on the country where you are colocating. Incase of Sweden (source: relakks.com) you don't have to keep client info so long your offering a flat-fee prepaid service (no subscription). Same goes here in India (from experience). But the thing to keep watch on is that you have to log all activities the client does.
Quote:



Originally Posted by Skal Tura


Any other recommendations?


You might want to block all payment gateway sites (PP, MB, etc) - more likely people are to commit fraud using VPNs and proxy networks.





__________________Infinite Technologies - Specializing in VPS and Dedicated Servers+1 (888) WEB-5333 - Contact Us

  #7  
Old 11-13-2008, 02:40 PM
NuCode NuCode is offline
Aspiring Evangelist
 
Join Date: Nov 2004
Location: Finland
Posts: 438
ty for your answers Ganesh.
I see VPN tunnels opened on daily basis without the VPN providing server knowing upfront the IP Address from which client connects (ie. not pre-configured), that is what i meant. PoPToP doesn't support anything else than preconfiguring the addresses.
Servers i thought because that gives me more control, i doubt the VPN devices offer things such as: Pseudo WWW proxy, Bandwidth Throttling, Per user usage statistics (If this is even possible with OpenVPN i do not know), and blocking certain websites. On the PPS issues, many of the devices i've seen are basicly minicomputers running Linux on somekind of RISC CPU, or other miniscule power consumption and price point cpus. So a regular device is likely to have the same PPS issues. Infact, i've seen "routers" which had so low PPS throughput that even a P90 would probably have higher.
The no subscription clause is interesting, why couldn't there an flat-fee prepaid service use subscription based payments, ie. credit card charged automatically each month.
Ty, didn't think outright think about the payment services.





__________________
NuCode
Web Development and Hosting services

  #8  
Old 11-30-2008, 04:43 PM
InfiniteTech InfiniteTech is offline
Premium Member
 
Join Date: Dec 2006
Location: Netherlands
Posts: 1,428
Quote:



Originally Posted by Skal Tura


ty for your answers Ganesh.
I see VPN tunnels opened on daily basis without the VPN providing server knowing upfront the IP Address from which client connects (ie. not pre-configured), that is what i meant. PoPToP doesn't support anything else than preconfiguring the addresses.


PoPToP doesn't need to know the IP address of the connecting client in advance. It can work just on username/pass authentication. So no need of any preconfiguration... since the last time I used it.
Quote:



Originally Posted by Skal Tura


Servers i thought because that gives me more control, i doubt the VPN devices offer things such as: Pseudo WWW proxy, Bandwidth Throttling, Per user usage statistics (If this is even possible with OpenVPN i do not know), and blocking certain websites. On the PPS issues, many of the devices i've seen are basicly minicomputers running Linux on somekind of RISC CPU, or other miniscule power consumption and price point cpus. So a regular device is likely to have the same PPS issues. Infact, i've seen "routers" which had so low PPS throughput that even a P90 would probably have higher.


Try some of the Nortel products. I don't remember exactly... one of them offers you 2000 SSL connections simultaneously on 128 bit crypto. I doubt you can get such performance on any server.
Quote:



Originally Posted by Skal Tura


The no subscription clause is interesting, why couldn't there an flat-fee prepaid service use subscription based payments, ie. credit card charged automatically each month.
Ty, didn't think outright think about the payment services.


You can make your customers prepay for 1, 3, 6, 9 or 12 months. But you cannot make them subscribe, a.k.a no contract.





__________________Infinite Technologies - Specializing in VPS and Dedicated Servers+1 (888) WEB-5333 - Contact Us

Reply

Related posts from TheWhir.com
Title Type Date Posted
Learn to Grow Your Hosting Business with Public Cloud in GlowTouch Technologies, AWS Webinar Blog 2013-04-23 10:19:19
VIDEO: GlowTouch VP of Operations Russ Broomell Talks Parallels Automation on AWS Whir Tv 2014-05-02 14:30:16
Sonian Email Archiving Joins Application Packaging Standard Ecosystem Web Hosting News 2013-01-04 15:56:58
Dell Acquires Infrastructure Automation Software Provider Gale Technologies Web Hosting News 2012-11-16 16:52:08
Jelastic's Version 1.8.5 Features Parallels Billing Automation Standard Integration Web Hosting News 2012-10-23 14:49:22


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?