openvpn performance issue after update to 2.5
-
Hi together,
today i updated my pfsense to the latest version.
Also i updated the openvpn package to 2.5
So now, i have the latest version on it.
My problem , the performance is sooo slow.
At home i have a 500 Mbit Cable connection , on my server at the datacenter there is a 1 gbit connection,
So i am using an virtualized pfsense on a vmware esxi.
on the esxi is hyper threading active an nested virtualization.
At home i am using my intel xeon 2620 dedicated server as a hardware firewall.
The connection is up, but i only get around 50 mbps.
My settings:Encryption: AES-128-CBC
HASH: SHA1
Compression: no
Hardware Crypto: Intel RANDbuffer size: 512kb ( i also changed but nothing happen)
Any idea whats wrong ?
I also tried to change the tun-mtu but this is also not correct.
The firewall have 4GB RAM , 4 Cores CPU.
The cpu is alway in idle when traffic is running through.Thanks
Br
Christian
-
Have you tried setting your hardware crypto to none so AES-NI can handle it?
-
@panoptic yes I also tried this.
But no change. -
It may have something to do with the Scepter/Meltdown mitigations in the newer bsd kernel. Might be time to upgrade to a newer CPU.
-
@panoptic but the CPU is only used around 20 %
-
@denndsd , have you tried to disable all mitigation settings?
I had similar problem, which I managed to sort out only with downgrade to 2.4.