IPSEC - Will creating more phase two tunnels slow down the VPN
-
I am in the process of further segmenting my networks for security purposes. This increases the amount of child sa's I will need on my site to site vpn. Will increasing the number of phase 2 tunnels slow down my site to site vpn?
-
@daboomer If they're constantly transmitting data they will increase the load on the system.
-
@rcoleman-netgate no it will be exactly the same amount of data, just moving some of the machines to a different subnet that will still need to cross the vpn to the same machines they connect to now, only they to will be moved in to a subnet by themselves. Same amount of data just extra tunnels!
-
@daboomer without knowing how much data, the type of CPU, internet connection, other side CPU, internet connection, consistency of data, etc...
The only thing we can say is it will increase CPU load.
I consistently push 25Mbps to a datacenter over fiber about 6 miles away... but adding more P2s doesn't change my throughput at all on my 5100 on 1GbE