[strongSwan] VPN Establishment
Daniel Palomares
palomaresdaniel at gmail.com
Thu Apr 5 19:55:51 CEST 2012
Hello All,
I was wondering to know if : Has someone tried to measure the establishment
time of a VPN Tunnel using strongSwan?
Within a local area network I have tested strongswan and I obtain an
average of 350ms-450ms per single VPN.
By the way, I went further and I tested the usage of "port granularity"
within strongSwan. So I tested it by establishing 1,10,100, 200, 300, 400,
500, 600, 700 and 1000 tunnels by varying the port number. For example,
"conn-100" in *ipsec.conf* would be in charge of any traffic concerning
port 100, "conn-101" for port 101, and so on.
I was surprised when I realized that the time of establishment of the VPN
was raising as the amount of tunnels where numerous.
A question for developers is: Is it a normal behavior that strongSwan would
take more time to establish a VPN when is is loaded, lets say, almost 1
second when 1000 tunnels are established?
I used the command *'time*' to mesure each VPN establishment by performing *'
ipsec up "conn-name"* '.
Any comments are very appreciated !
Thanks
Daniel Palomares
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120405/323983d5/attachment.html>
More information about the Users
mailing list