[strongSwan] Big packet loss under load
Roland Mas
lolando at debian.org
Wed May 28 18:15:42 CEST 2014
Roland Mas, 2014-05-15 18:00:11 +0200 :
[...]
> Using iperf in UDP, I get <0.01% packet loss until 200 Mb/s, then it
> increases to 1-10% (varying across runs) at 300 Mb/s. However, this
> seems to have no impact on a ping running in parallel.
>
> Nothing significant in the kernel logs, and there don't seem to be
> anything about conntracking in the netfilters. nf_conntrack_max is
> set at its default value (65536), so we should be fine from that
> perspective.
>
> Any other hint?
For those following at home: it's quite possible that my problem was
due to a misconfiguration of the VMs' MAC addresses; in any case, the
pressing need for something functional (even if less secure) led us to
give up on StrongSwan for now. I'm sorry about that, but now I know
that StrongSwan is not actually that scary, I'm likely to try again at
some time in the future.
Thanks for the advice!
Roland.
--
Roland Mas
Sauvez les castors, tuez les bûcherons.
More information about the Users
mailing list