Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Question about re-directing gateway

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jamesc
      last edited by

      Hi all,

      We have a number of 'road warriors' who connect into our data center over a 3G connection on their laptop.

      I'm looking to redirect all of their Internet traffic through the large pipe at our data center.  This is to encypt their traffic over the 3G wireless network and to enforce web filtering policies when users are off-site.

      My question is would the clients see much of a hit on their bandwidth when re-directing all their Internet traffic through to our data center pfSense.  Just for information, we have a 100mbit connection on the data center pfSense box which has very low latency.  The users 3G connections normally get around 2mb down and 1mb up when running a speedtest on them.  Would the users experience a noticeable loss is speed/bandwidth if I were to redirect their gateway?

      I guess I could just set it up and test but thought i'd ask on here to see if anyone has any real world experience.

      Cheers,

      James

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The actual throughput may be OK but they would see increased latency. How much really depends on the full path from them to the DC, but 3G can have enough latency on its own that it may be noticeable to add a VPN on top, though I'd still do it.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • J
          jamesc
          last edited by

          Thanks Jim, I did some quick tests today using an existing site-to-site setup but the results were a little disappointing.

          At the client end I have a 40mbit WAN connection and a 100mbit connection at the server end.

          When I redirect the client gateway, I struggle to get over 10mbit on a speedtest.  If I remove the redirect-gateway option, the speedtest correctly reports 38mbit down.

          This was using no encryption.  The client is running off an Alix box, the server is a quad core Xeon.

          My initial thoughts are that the client hardware doesn't have enough horsepower to deliver throughput but on the other hand, with no encryption should this really matter?

          EDIT: Checked CPU using 'top' and the openvpn process peaks at around 40% when using AES-256 and 25% with no encryption  :-\

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.