On Mon, Aug 30, 2010 at 4:20 AM, <J.Witvliet at mindef.nl> wrote: > Last year i've been doing some experiments with openvpn. > Just as the O.P. I was curious about sustainable throughput, and was disapointed about the results > > To obtain maximum resulst, i did: > - use two rather heavy machines (HP DL380-G6, dual quad core) > - two dedicated 10Gb-nic's > - cross-connect both nics > - DISABLE openvpn-debug (as it is VERY cpu expensive) > - raise MTU to 4K > > Bottleneck was (in my case) the openvpn-process, that was running 100% on a single core, > While network was not saturated. > > So for max throughput, it is probably strongswan (ipsec) or hw-encryption [or both] > What was the bandwidth when the cpu bottlenecked? Were you running a single tcp connection transferring a single file? Or, a mix of traffic with multiple tcp connections, udp traffic, etc? I'm wondering if a more complex traffic mix would get the other cpus working, and increase the total throughput. -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra