Please bear in mind the following limits when accessing your Opengear appliance:
- Concurrent SSH connections to the appliance itself is RAM bound, CM7100 and IM7200 will handle 300+, IM4200, CM4100, ACM5000 and ACM5500 will handle 50, and SD400 will handle 10 (depending on what other services are configured)
- Concurrent SSH connections to serial ports is also RAM bound, CM7100 and IM7200 will handle 200+, IM4200, CM4100, ACM5000 and ACM5500 will handle 50, and SD400 will handle 10 (depending on whatever other services are configured)
- Simultaneous SSH connections is mainly CPU bound, CM7100 and IM7200 can handle 100+ but sshd defaults to the sensible limit of 10 pending unauthenticated connections at any time (MaxStartups)
Accessing multiple serial ports using SSH
Current Opengear models will handle the large volume SSH connections that can be expected in their role as a console server, with little or no noticeable performance degradation.
For legacy models with constrained resources or in very demanding environments, consider using the ControlMaster/ControlPath feature of OpenSSH. This allows for persistent connections and multiplexing of interactive connections in one session.
When the ControlMaster connection is established with the console server, it goes through the normal login sequence including asking for passwords and exchanging keys. Subsequent SSH sessions you initiate to the same console server connect to the ControlMaster via the UNIX domain socket. The master SSH session then creates another interactive connection within the existing session, which your second SSH uses. Because the existing connection is reused, the second session setup is very much faster (there is no need to pull up a new TCP/IP connection, no need for key exchange, and no need for authentication). Once the master connection is established, it is trivial to start and stop a large number of connections very quickly.
Comments
0 comments
Article is closed for comments.