[strongSwan] Maximum Performance (Bandwidth)
Andreas Steffen
andreas.steffen at strongswan.org
Tue Aug 30 12:08:49 CEST 2011
The IPsec throughput does not depend on strongSwan at all
(being a userland IKE daemon) but on the performance of
the hardware platform, the number of cores available and
preferably a recent Linux version which is able to make
full use of multiple cores. The LinuxTag 2010 paper by
Steffen Klassert gives some benchmark figures:
http://www.strongswan.org/docs/Steffen_Klassert_Parallelizing_IPsec.pdf
Regards
Andreas
On 08/30/2011 11:32 AM, nima chavooshi wrote:
> Hi
> Thanks for your quick reply
> For example, in our test lab,we want to generate 1G traffic between 2
> node.If I conduct this traffic on "ipsec" tunnel, how amount of
> performance will be decreased? maybe 200MG or more.
> anyhow, encapsulation of packets has some overhead on performance.
>
> Thanks in advance
>
> On Tue, Aug 30, 2011 at 1:42 PM, Andreas Steffen
> <andreas.steffen at strongswan.org <mailto:andreas.steffen at strongswan.org>>
> wrote:
>
> Hello Nima,
>
> what do you understand by bandwidth?
>
> - The ESP throughput of encrypted payload packets?
>
> - The IKE throughput of negotiated connections?
>
> Regards
>
> Andreas
>
>
> On 08/30/2011 10:36 AM, nima chavooshi wrote:
>
> Hi
> Before anything,thanks to anyone that contributes to this project.
> How bandwidth can StrongSwan handle?in fact I want to know maximum
> bandwidth that strongswan can handle.
>
> Thanks in advance
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list