<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2802" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>I'm getting very
slow throughput on my IPSec connections... on a dedicated 512/512 DSL line that
achieves full 512kbps on most downloads, I am only getting approximately 250kbps
for my vpn (The other side is an E1/T1 so not the
bottleneck).</FONT></SPAN></DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>I'm using 2.4.0 on
RHEL ES 4 (its in a production environment, so no I can't test 2.4.5rc4 and
there didn't appear to be any major bug fixes between 2.4.0 and 2.4.4 that I
needed so was waiting for 2.4.5 to be fully released before I upgraded (I want
the rightsubnet for L2TP fix).</FONT></SPAN></DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>I am getting these
kinds of speed issues using both standard IPSec connections and tunnelled
L2TP connections (WinXP SP2 Roadwarriors).</FONT></SPAN></DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>I am able to send
large (10kB) pings so fragmentation is not failing, but I'm not sure if it is
occurring and thus slowing down the connection.</FONT></SPAN></DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>MTU/MRU is 1500
for the ethernet card.</FONT></SPAN></DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>overridemtu is set
in ipsec.conf to 1410</FONT></SPAN></DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>MTU/MRU is set to
1350 for the L2TP daemon (but remember, I have the issue for non-l2tp
connections also).</FONT></SPAN></DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>Any thoughts would
be greatly appreciated!!!</FONT></SPAN></DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=216083514-21012006><FONT face=Verdana size=2>(PS - CPU usage is
minimal so I don't think it can be hardware performance...)</FONT></SPAN></DIV>
<DIV><FONT face=Verdana size=2></FONT> </DIV>
<DIV align=left><FONT face=Verdana size=2>Mark van
Proctor</FONT></DIV></BODY></HTML>