OpenVPN - Very slow throughput
I am rolling out vpn’s for clients. These are small units we've built with Intel(R) Celeron(R) CPU J3455 @ 1.50GHz CPU including AES-NI.
The major problem I am seeing is very slow performance on OpenSSL tunnels. I do not have speed issues outside of the tunnel but still between the same two locations otherwise. This implies the OpenVPN tunnel is the problem. I am using iperf for the testing throughput.
Either side has 150mbps symmetrical upload and download. Outside the tunnel I get pretty close to that between the two sites. Inside the tunnel I get about 20mbps. Turning encryption OFF on the tunnel (both sides) and it doesn't move significantly enough to say that helped at all. I have tried AES-CBC-128, and 256 since the CPU has AES-NI capability. Looking at CPU usage it's basically idle. I have tried increasing the buffer to 2MB without impact.
This is pfsense 2.4.5-RELEASE-p1.
It's a UDP tunnel fyi, not TCP