IPSEC low throughput



  • Good morning,

    First of all, I would like to thank you for the time you will take to answer and help me to solve this problem.

    My network:

    An internet local area network at my company, 192.168.26.0/24.
    An external LAN at the company "OVH", 172.16.26.0/24.

    I'm trying to make these two networks communicate through an ipsec tunnel, well two ipsec tunnels, but when the problem is solved for one of them, it will solve the problem for the other one.

    The tunnel works through a public IP address of an overthebox.
    (hardware offered by ovh to aggregate two internet connections).

    My "internal" bandwith is | Latency 18ms | Download 400Mbp/s | Upload 170Mbp/s |
    My "external" bandwidth is | Latency 18ms | Download 550Mbp/s | Upload 200Mbp/s |

    The flow rate through the tunnel is 3.5 mo/s.

    I tested:

    MTU size
    Hardware acceleration
    The encryption algorithms in both P1 and P2
    Access lists that could be binding
    The network cards of my pfsenses that wouldn't perform well enough
    Try with other gateways than overthebox "without link aggregation".

    If you have ideas or leads to explore do not hesitate!



  • @Yazur Hi,

    Did you try to tune the encryption key size and algorithms ? The more you encrypt, the more CPU you use.

    What are the CPU/RAM usage on both side of the tunnel while doing the test ?

    coom



  • @coom

    File being downloaded:

    47b65d70-a5a1-4a1e-9b1b-4f556de4815a-image.png

    No transfer in progress:

    f7c55aca-7195-4ff0-ac9c-e8e63b911f4a-image.png

    I've tried several encryption algorithms.

    Currently I have this configuration:

    8da5f94c-7aa2-49dd-85c6-b8fb3f21f23b-image.png

    ce2093f3-8673-4a43-ace8-5251d65c0a11-image.png



  • UP



  • UP


Log in to reply