19.1 VPN speeds capped at 100Mbs?

Started by lewi3069, February 08, 2019, 04:57:26 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 08, 2019, 04:57:26 PM Last Edit: February 09, 2019, 05:17:36 PM by lewi3069
It appears that recent upgrades have VPN speeds capped around 100Mbs. I have tried building OpenVPN and IPSEC tunnels to test. I used to get over 100 on 18.7 versions.

I've tested with 3 sites
Two are VMs and One Bare Metal
All use Intel Nics
One is using vmxnet3 other is e1000
All support AES-NI Core counts are 8@4ghz, 6@2.8ghz, and 4@3.2ghz
Deleted all Traffic shaping that was applied to one FW
Rebooted everything
Main site that is involeved in all testing is on 19.1.1
Secondary sites are 18.7.x and 19.1.1

Main has 400/20
two sites have 1G/1G

OpenVPN
Tried AES-128-CBC and GCM
SHA 256
DH 2048 and 4096
fast-io;
push "fast-io"; (also set on the other end as I'm not sure if push works)
sndbuf 524288;
rcvbuf 524288;
push "sndbuf 524288";
push "rcvbuf 524288"

IPSec
Tried AES128CBC and GCM
SHA1 and SHA 256
Tried no encryption on Phase2
February 10, 2019, 05:47:34 AM #1
Is there other detail that I should provide?
February 10, 2019, 06:09:19 AM #2
Are your speeds consistent and under 100Mbps in either direction ?

Can you provide some iperf data beetween hosts over the tunnels ? That is, not host to firewall.
Print
Go Up Pages1
User actions