Slow Performance ipsec

digitalcomposer

Hi guys

Ipsec Site to Site with same Hardware and same ISP, Site A 1Gbit and Site B 1Gbit.

My best performance is only using AES in Phase 1 and 2, but steel slow Performance.

Hardware crypto is activated on both site

CPU Type Intel(R) Xeon(R) CPU D-1518 @ 2.20GHz
8 CPUs: 1 package(s) x 4 core(s) x 2 hardware threads
AES-NI CPU Crypto: Yes (active)
QAT Crypto: No
Hardware crypto AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS.

[ ID] Interval Transfer Bitrate Retr Cwnd
[ 5] 0.00-1.04 sec 23.8 MBytes 191 Mbits/sec 0 177 KBytes
[ 5] 1.04-2.01 sec 23.1 MBytes 200 Mbits/sec 2 176 KBytes
[ 5] 2.01-3.00 sec 28.0 MBytes 237 Mbits/sec 0 192 KBytes
[ 5] 3.00-4.01 sec 27.2 MBytes 226 Mbits/sec 2 156 KBytes
[ 5] 4.01-5.01 sec 29.5 MBytes 247 Mbits/sec 0 208 KBytes
[ 5] 5.01-6.01 sec 29.3 MBytes 247 Mbits/sec 0 208 KBytes
[ 5] 6.01-7.00 sec 30.0 MBytes 254 Mbits/sec 0 208 KBytes
[ 5] 7.00-8.00 sec 30.3 MBytes 254 Mbits/sec 0 208 KBytes
[ 5] 8.00-9.00 sec 30.3 MBytes 254 Mbits/sec 0 208 KBytes
[ 5] 9.00-10.02 sec 31.3 MBytes 258 Mbits/sec 0 208 KBytes

---

[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.02 sec 283 MBytes 237 Mbits/sec 4 sender
[ 5] 0.00-10.02 sec 283 MBytes 237 Mbits/sec receiver

digitalcomposer

Nobody ?

digitalcomposer

@digitalcomposer

So what is the problem with IPSEC and Crypto AES-GCM??

I try with WireGuard and the SITE TO SITE speed is 800Mbit/s and with IPSEC 23Mbit/s.