[strongSwan] Strongswan Speed?

[Chris Babcock]

I didn't see if anyone else responded.  Not a lot of info in your 
question Jody, but I'll give it a stab.  Encryption requires a lot of 
math processing.  If you don't have a hardware accelerator like Intel's 
AESNI that works with strongswan, OpenVPN, and the like, you are using 
your main processor to do a lot of cryptography, which most were not 
designed to do to this point.  A ton of Cisco routers, which are 
expensive, top out at 10-15 Mbps with basic AES128/SHA1 in my tests.  
I've seen modern costing $10-15k Cisco routers only able to handle 
200Mbps(4300 series maybe?).

It would be helpful if you told us what kind of equipment you are using 
and basic info of what your are trying to accomplish, but the answer is 
likely you dont have enough processing power to encrypt and decrypt your 
traffic, at the speed you want.   Your network connectivity is very 
likely not the issue.  Hope that helps.

CB


On 11/9/2016 12:33 AM, Jody Whitesides wrote:
> Is there a speed limit for how fast a VPN connection one should see while using an ikev2 connection? Let’s say that a cellular connection is 50mbps - how fast should Strongswan speeds be? At 100mbps on a wired connection I’m seeing 15mbps through Strongswan. So its reducing the speed significantly. Why?
>
> Anyone?
>
> Jody
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users