Re: OpenVPN throughput

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



  On 08/19/10 7:29 AM, Boris Epstein wrote:
> We have two old PIII-class machines that are being tested for the role
> of the gateways. We have put new 1 Gbit NIC's in them and they work
> find for everything (data transmission, DHCP, DNS, routing) except the
> VPN. When traffic goes through the VPN the OpenVPN process goes to 99%
> CPU on the server, about 70% CPU on the client and the effective
> transmission rate goes down to about 6 MB/s whereas in non-VPN mode it
> can be as high as 50+ MB/s (the top for the 1 Gbit/s is, obviously,
> 125 MB/s hence with the VPN we are down to about 5% of the capacity).

encryption is CPU intensive.   you might get a little better throughput 
if you can force Blowfish cypher over whatever else as it is somewhat 
lower in CPU overhead, and still considered decently strong, but you 
still likely won't get wire speed.  heck, you can't get wirespeed doing 
a simple http bulk transfer over gigE with a p3.

note going from P3 to early P4, you need to at least double the clock 
speed to get about the same performance..   I wouldn't touch a p4 under 
2.8Ghz for this.  The Core line of CPUs are considerably faster per 
clock than the P4's.   AMD's athlon64/opterons perform much better than 
P4's at the same clock speeds.




_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux