[Openswan Users] Bad performance on 2.6 kernel (native IPSec)
Paul Wouters
paul at xelerance.com
Sat Jan 21 18:16:07 CET 2006
On Sat, 21 Jan 2006, Mark van Proctor wrote:
> I'm using 2.4.0 on RHEL ES 4 (its in a production environment, so no I can't
> MTU/MRU is 1500 for the ethernet card.
> overridemtu is set in ipsec.conf to 1410
If you use netkey (ipsec --version) then overridemtu= does not work. You
will need to ifconfig ethX mtu1410.
> MTU/MRU is set to 1350 for the L2TP daemon (but remember, I have the issue
> for non-l2tp connections also).
Try 1200 there. We did some calculations of possible overheads of all kinds
of tunneling protocols, and that seemed a good experimental figure
> (PS - CPU usage is minimal so I don't think it can be hardware
> performance...)
Paul
--
"Happiness is never grand"
--- Mustapha Mond, World Controller (Brave New World)
More information about the Users
mailing list