Netgate 6100 openvpn slower on some appliance
-
Hello,
I have two Netgate 6100 appliances (pfsense version 23.05.1).
Both of them have a similar internet bandwidth (1G fiber).
They are link via a IPSec tunnel and both have an OpenVPN server configured with the same settings:- QAT enabled
- Cipher: AES-256GCM
- MSS Clamping: 1328
- DCO: disable
Users are connecting via openvpn on one netgate device.
Using iperf3 via openvpn connection, I obtained the following results:
On one appliance:
[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 321 MBytes 269 Mbits/sec sender
[ 5] 0.00-10.01 sec 320 MBytes 268 Mbits/sec receiverOn the other appliance:
[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 106 MBytes 89.3 Mbits/sec sender
[ 5] 0.00-10.02 sec 106 MBytes 89.0 Mbits/sec receiverOne of the OpenVPN server is really slower than the other one. I try to compare both pfsense settings but I didn't found any difference.
One know where to start to be able to find the configuration issue ?
thanks for your help
-
This post is deleted! -
This post is deleted! -
On the slow netgate, I stop the IPsec tunnel and reboot the device.
after few files transfert over openvpn, I check the interrupt with the commande : vmstat -i | grep qat
the command didn't return any result.
Maybe I'm wrong but it's seem that openvpn don't use QAT.after restarting the IPSec tunnel vmstat -i | grep qat return :
irq170: qat0:b1 139 0
-> QAT is used by IPSecis there a reason for openvpn not using QAT ?