OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: JasMan on March 24, 2018, 02:26:22 pm

Title: IPsec traffic counting twice in NetFlow data
Post by: JasMan on March 24, 2018, 02:26:22 pm

Hi,

I've set up an IPsec tunnel from my OPNsense 18.1.5-amd64 to an AVM Fritz!Box 7590 to backup my data to another location.

When the backup is running, it uses nearly the complete WAN upload speed of 5 Mbit/s. But the IPsec NetFlow graph shows round about 9 Mbit/s which is not possible (see attachment).

I've already tried to add the IPsec interface to the "Egress only" setting in the NetFlow data, but without success.

Can somebody explain this? Or is it a bug?

Thank you.
Jas Man

Title: Re: IPsec traffic counting twice in NetFlow data
Post by: JasMan on March 25, 2018, 02:02:22 pm

Today I found out, that it has to do with the "Traffic Shaping". A rule for the outgoing WAN traffic priorize the IPsec backup traffic. When I disable this rule, the NetFlow graph looks fine (IPsec traffic has the same bandwith as the WAN traffic).

Anybody aggree that is a bug? :)