Weird IPSEC Performance
-
Recently one of my VPN's that had been running at 250-300mbps dropped to 20mbps. Looking around I had added some new VPN's to the box, and thought I would just need to upgrade to a QAT to offload the strain on the CPU.
I ordered 2 of these expensive cards and put the first one into my failover router for testing. After some initial testing I was able to see a Remote - > Local performance increase. We are hovering around 650-700mbps. However, my Local - > Remote traffic is still stalled around 50mbps.
Confused and frustrated,
I put together a 3rd pfSense router with the second QAT card, fresh install, no configuration other then assigning a static on wan and connecting it directly to the system I am using to test throughput. I install Iperf3 and run a test from Local PC to Local pfSense. 940ish in both directions. Good.
Remote PC to Local pfSense(Across VPN) 600 Up (To Local pfSense) 500 Down (From Local pfSense). Good sign.
Remote PC to Local PC - 650 up, 45 down. WTFSo after all these tests. I am left asking why is the VPN faster to the router then to the pc directly connected.
-
Hi,
I install Iperf3 and run a test from Local PC to
Local pfSense. 940ish in both directions.
If you will be able to set up iperf on pc 1 behind pfsense 1
and pc 2 behind pfsnese 2 and do an iperf test again it would
more realistic and based on the entire money you spend it
might be nice to hear what comes out.Being sure with this hardware setup like yours you may often connect two branches or companies to gain the entire throughput for workload and/or file transfer like syncing and / or db data exchange.
Recently one of my VPN's that had been running at
250-300mbps dropped to 20mbps.
By the way from what should it breaking in? Perhaps based on the other vpn end and not on your site?