[Openswan Users] IPSec Traffic Slow in one direction

Paul Wouters paul at xelerance.com
Thu Mar 15 16:39:01 EDT 2007

On Thu, 15 Mar 2007, Harald Scharf wrote:

> After solving the MTU problem with your help (thanks for this, and yes:
> the NAT box droped the icmp frag...),


> In my setup, using padlock_aes as accelerator, the ipsec traffic is 2-3
> times faster sending than receiving.
> When I copy a file with scp to a server behind the vpn, I get about
> 30-40 MBit/s,
> but when I transfer the same file from the server to the client, the
> speed is
> at about 15 to max. 20 MBit/s.
> The error counters on the interfaces are all zero, dmesg does not tell
> anything unusual.
> What I can tell is, that the "sending" bandwidth is exactly the same, as
> when I do NOT use padlock_aes.
> My esp setting is aes128-sha1.

Nothing comes to mind immediately. It would require a good reproducable
setup and careful testing to figure out what might be the problem.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list