4. Higher throughput with OpenVPN than IPSec. Can it be?

Higher throughput with OpenVPN than IPSec. Can it be?

  • J

    I setup a new IPSec tunnel between two pfSense boxes (Xeon D-1521 & Avoton C2758) with Gigabit internet.  I can't seem to break 17.5MB/s on SMB file transfers yet I can hit 22MB/s via an OpenVPN tunnel between the same two boxes.

    I've tried all different encryption settings and right now and using AES 128 and SHA1 for testing purposes though no setting change has affected the throughput at all.  I've tried enabled MSS clamping and setting MTU to 1300 on both ends but no luck.

    Being that OpenVPN is single threaded I realize I can't go beyond the 22MB/s I'm getting because it's making out my C2758 (CPU usage stays at 15-16% which equals 1 core maxed out).  However with both CPU's having AES-NI enabled I thought I'd at least be able to surpass OpenVPN speeds.  And while I realize SMB isn't the greatest test as it's a very chatty protocol and thus not great for WAN transfers, that still doesn't explain why I'm a good 40Mbit slower using IPSec vs. OpenVPN.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy