[Openswan Users] IPSec Traffic Slow in one direction
Paul Wouters
paul at xelerance.com
Thu Mar 15 16:39:01 EDT 2007
On Thu, 15 Mar 2007, Harald Scharf wrote:
> After solving the MTU problem with your help (thanks for this, and yes:
> the NAT box droped the icmp frag...),
good.
> In my setup, using padlock_aes as accelerator, the ipsec traffic is 2-3
> times faster sending than receiving.
>
> When I copy a file with scp to a server behind the vpn, I get about
> 30-40 MBit/s,
>
> but when I transfer the same file from the server to the client, the
> speed is
>
> at about 15 to max. 20 MBit/s.
>
>
> The error counters on the interfaces are all zero, dmesg does not tell
> anything unusual.
>
> What I can tell is, that the "sending" bandwidth is exactly the same, as
> when I do NOT use padlock_aes.
>
> My esp setting is aes128-sha1.
Nothing comes to mind immediately. It would require a good reproducable
setup and careful testing to figure out what might be the problem.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list