On Mon, Aug 30, 2010 at 4:20 AM, J.Witvliet@mindef.nl wrote:
Last year i've been doing some experiments with openvpn. Just as the O.P. I was curious about sustainable throughput, and was disapointed about the results
To obtain maximum resulst, i did:
- use two rather heavy machines (HP DL380-G6, dual quad core)
- two dedicated 10Gb-nic's
- cross-connect both nics
- DISABLE openvpn-debug (as it is VERY cpu expensive)
- raise MTU to 4K
Bottleneck was (in my case) the openvpn-process, that was running 100% on a single core, While network was not saturated.
So for max throughput, it is probably strongswan (ipsec) or hw-encryption [or both]
What was the bandwidth when the cpu bottlenecked? Were you running a single tcp connection transferring a single file? Or, a mix of traffic with multiple tcp connections, udp traffic, etc? I'm wondering if a more complex traffic mix would get the other cpus working, and increase the total throughput.