[strongSwan] Throughput on high BDP networks
Martin Willi
martin at strongswan.org
Mon Jun 1 09:49:48 CEST 2015
Hi,
> I can see the multiple kworker threads spread across all 12 cores in
> these fairly high powered systems but I am still dropping packets and
> performance is not much improved.
If all your cores are processing traffic, then pcrypt probably works as
it should.
What does "fairly high powered system" mean? What is the raw crypto
throughput with AES-GCM you can expect on these boxes? Have you
benchmarked UDP traffic to see where the processing limit is?
> I tried to set this up so it would work at boot [...] and it causes a
> kernel panic as soon as we attempt to send traffic through the tunnel -
> every single time.
Most likely a bug in your kernel. The panic details might help to track
this down, but you probably should report this issue to your distro or a
kernel mailing list.
Regards
Martin
More information about the Users
mailing list