Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Polling considered bad? Polling vs Not Polling IPsec benchmark (ALIX/Hifn/1.2.3)

    IPsec
    2
    2
    1.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jpp
      last edited by

      I just upgraded one of my old soekris 48xx boxes to a new ALIX board, 1.2.3 release and moved the 1411 Hifn card over.  I'm seeing some interesting benchmark results.

      Using 3DES with polling ON I get about 15Mbit/s and ~40% cpu use but with polling OFF I get 25Mbit/s and 90% cpu use.

      Messing with the kern.polling.* setting doesn't make any difference.

      For completeness the other end is a Xeon box running 1.2.2 and the net in between is comcast capped at a notional 30Mbit/sec. Non-vpn connections top out at 33 Mbit/sec with no problem polling OFF and top out at 29Mbit/sec with polling ON.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Personally, I've not seen polling ever help on an ALIX. I haven't tried a Hifn card though.

        I think cmb said he was able to get >30Mbit of IPsec on ALIX with 3DES (and DES, AES, and AES 256)

        I don't think he had polling enabled when he did the tests, but I'm not 100% sure on that.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.