[strongSwan] VPN Performance over WAN (jitter)

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Fri May 12 15:01:28 CEST 2017

Hi Christian,

On 12.05.2017 14:36, Christian Hanster wrote:
>> You can't, because no VPN packets go through strongSwan.
> Ok. So this is because strongswan is using Linux kernel for encryption and packet routing?! 

Yes. And you should know it, because the introduction mentions it quite broadly.

> Ok I changed the connection to make it faster (config is added below). However I can see no change in the performance with varying delay in the network...

That's not what I was referring to with "faster (lower CPU load)". It means the cryptographic part
of the transformation happens faster, because AES is usually hardware accelerated on modern processors.
Of course that doesn't say if it's faster, if your HW acceleration doesnt's support the different operations
that make up AES-GCM.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170512/9262bf9a/attachment.sig>

More information about the Users mailing list