[Openswan Users] Bad performance on 2.6 kernel (native IPSec)
Mark van Proctor
m.vanproctor at metech.com.au
Sat Jan 21 23:08:14 CET 2006
I'm getting very slow throughput on my IPSec connections... on a dedicated
512/512 DSL line that achieves full 512kbps on most downloads, I am only
getting approximately 250kbps for my vpn (The other side is an E1/T1 so not
the bottleneck).
I'm using 2.4.0 on RHEL ES 4 (its in a production environment, so no I can't
test 2.4.5rc4 and there didn't appear to be any major bug fixes between
2.4.0 and 2.4.4 that I needed so was waiting for 2.4.5 to be fully released
before I upgraded (I want the rightsubnet for L2TP fix).
I am getting these kinds of speed issues using both standard IPSec
connections and tunnelled L2TP connections (WinXP SP2 Roadwarriors).
I am able to send large (10kB) pings so fragmentation is not failing, but
I'm not sure if it is occurring and thus slowing down the connection.
MTU/MRU is 1500 for the ethernet card.
overridemtu is set in ipsec.conf to 1410
MTU/MRU is set to 1350 for the L2TP daemon (but remember, I have the issue
for non-l2tp connections also).
Any thoughts would be greatly appreciated!!!
(PS - CPU usage is minimal so I don't think it can be hardware
performance...)
Mark van Proctor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060121/04211f5c/attachment.htm
More information about the Users
mailing list