VPN IpSec bandwith limited
-
Hello,
I use Pfense, and one of the use is a VPN IPsec.A week a go I had a Pfsense with 300Mb/s of bandwidth and another with 50Mb/s (Personal Dsl box).
In the Vpn I was able to use 50mb/s, so no problem.The personal link was upgraded to fiber with 400mb/s.
And I'm still at 50mb/s.this is my architecture :
home : internet <---> Internet box (DMZ nat to pfense) <---> Fw pfense with vpn ipsec <---> lan
Server in DC : internet <---> Fw pfense with vpn ipsec.I tested with iperf :
from home to Dc using the VPN :
[ 3] 5.0- 6.0 sec 6.22 MBytes 52.2 Mbits/sec 0.334 ms 15/ 4452 (0.34%)
But not moreI tested from home to DC by public (with nat) :
[ 3] 4.0- 5.0 sec 48.5 MBytes 407 Mbits/sec 0.030 ms 1033/35616 (2.9%)And cpu and am are quiet.
For information pfsense on both are installed on vmware.
pfsense version : 2.4.4-RELEASE-p3(amd64), the latest.
All are working well but the bandwith in Vpn.Do someone had already see it, solved it ?
Thanks.
Christophe. -
The tests I made was using UDP.
I did the same with TCP ans it seems there is a mimitation at 25mb/s
udp test with public :
root@client ~ # iperf -c public_ip -b 400M -u ------------------------------------------------------------ Client connecting to public_ip, UDP port 5001 Sending 1470 byte datagrams, IPG target: 28.04 us (kalman adjust) UDP buffer size: 8.00 MByte (default) ------------------------------------------------------------ [ 3] local private_ip port 10012 connected with public_ip port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0-10.0 sec 500 MBytes 419 Mbits/sec [ 3] Sent 356661 datagrams [ 3] Server Report: [ 3] 0.0-10.0 sec 485 MBytes 406 Mbits/sec 0.064 ms 10375/356661 (2.9%) [ 3] 0.00-10.02 sec 18 datagrams received out-of-order root@client ~ #udp test with private ip :
root@client ~ # iperf -c private_ip -b 400M -u ------------------------------------------------------------ Client connecting to private_ip, UDP port 5001 Sending 1470 byte datagrams, IPG target: 28.04 us (kalman adjust) UDP buffer size: 8.00 MByte (default) ------------------------------------------------------------ [ 3] local private_ip port 33804 connected with 192.168.1.3 port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0-10.0 sec 500 MBytes 419 Mbits/sec [ 3] Sent 356660 datagrams [ 3] Server Report: [ 3] 0.0-10.3 sec 283 KBytes 226 Kbits/sec 611.953 ms 356462/356659 (1e+02%) root@client ~ #tcp test with public ip :
root@client ~ # iperf -c public_ip -b 400M ------------------------------------------------------------ Client connecting to public_ip, TCP port 5001 TCP window size: 85.0 KByte (default) ------------------------------------------------------------ [ 3] local private_ip port 52622 connected with public_ip port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0-10.0 sec 30.4 MBytes 25.4 Mbits/sec root@client ~ #tcp test with private ip :
root@client ~ # iperf -c private_ip -b 400M ------------------------------------------------------------ Client connecting to private_ip, TCP port 5001 TCP window size: 64.0 KByte (default) ------------------------------------------------------------ [ 3] local private_ip port 12658 connected with private_ip port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0-10.0 sec 29.5 MBytes 24.7 Mbits/sec root@client ~ #Very strange.
Any idea ?