[Swan] Libreswan Performance tests
Muenz, Michael
m.muenz at spam-fetish.org
Mon Jan 12 12:29:18 EET 2015
Am 12.01.2015 um 10:46 schrieb Muenz, Michael:
> Am 09.01.2015 um 17:28 schrieb Paul Wouters:
>>
>> So using phase2alg=aes_gcm128-null will be interesting. It might get you
>> a little closer to 1Gbps provided you are CPU bound. If it remains at
>> 902 Mbit/s your CPU is not your limiting factor.
>>
>
> Here are my results with 9000 (1GBit IF) AES128GCM-NULL:
> ------------------------------------------------------------
> Client connecting to 10.12.11.100, TCP port 5001
> TCP window size: 416 KByte (WARNING: requested 512 KByte)
> ------------------------------------------------------------
> [ 3] local 10.12.10.100 port 52361 connected with 10.12.11.100 port 5001
> [ ID] Interval Transfer Bandwidth
> [ 3] 0.0- 1.0 sec 107 MBytes 897 Mbits/sec
> [ 3] 1.0- 2.0 sec 108 MBytes 908 Mbits/sec
> [ 3] 2.0- 3.0 sec 108 MBytes 909 Mbits/sec
> [ 3] 3.0- 4.0 sec 108 MBytes 908 Mbits/sec
> [ 3] 4.0- 5.0 sec 108 MBytes 909 Mbits/sec
> [ 3] 5.0- 6.0 sec 108 MBytes 907 Mbits/sec
> [ 3] 6.0- 7.0 sec 108 MBytes 908 Mbits/sec
> [ 3] 7.0- 8.0 sec 108 MBytes 909 Mbits/sec
> [ 3] 8.0- 9.0 sec 108 MBytes 908 Mbits/sec
> [ 3] 9.0-10.0 sec 108 MBytes 909 Mbits/sec
> [ 3] 0.0-10.0 sec 1.06 GBytes 907 Mbits/sec
>
>
Forget my last mail with all values for 9000, the clients had mtu 1500.
My Catalyst was not able to also route mtu 9000 so I did a crossover,
but rebooted clients bevore.
Now here the results with 9000 and no tuning, things go bad...
Here are my results with 9000 (1GBit IF) AES128GCM-NULL:
------------------------------------------------------------
Client connecting to 10.12.11.100, TCP port 5001
TCP window size: 416 KByte (WARNING: requested 512 KByte)
------------------------------------------------------------
[ 3] local 10.12.10.100 port 44873 connected with 10.12.11.100 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0- 1.0 sec 78.6 MBytes 660 Mbits/sec
[ 3] 1.0- 2.0 sec 78.4 MBytes 657 Mbits/sec
[ 3] 2.0- 3.0 sec 78.5 MBytes 659 Mbits/sec
[ 3] 3.0- 4.0 sec 78.4 MBytes 657 Mbits/sec
[ 3] 4.0- 5.0 sec 78.6 MBytes 660 Mbits/sec
[ 3] 5.0- 6.0 sec 78.5 MBytes 659 Mbits/sec
[ 3] 6.0- 7.0 sec 78.4 MBytes 657 Mbits/sec
[ 3] 7.0- 8.0 sec 78.4 MBytes 657 Mbits/sec
[ 3] 8.0- 9.0 sec 78.4 MBytes 657 Mbits/sec
[ 3] 9.0-10.0 sec 78.4 MBytes 657 Mbits/sec
[ 3] 0.0-10.0 sec 785 MBytes 658 Mbits/sec
Here are my results with 9000 (1GBit IF) AES256-XCBC:
------------------------------------------------------------
Client connecting to 10.12.11.100, TCP port 5001
TCP window size: 416 KByte (WARNING: requested 512 KByte)
------------------------------------------------------------
[ 3] local 10.12.10.100 port 44901 connected with 10.12.11.100 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0- 1.0 sec 76.6 MBytes 643 Mbits/sec
[ 3] 1.0- 2.0 sec 76.8 MBytes 644 Mbits/sec
[ 3] 2.0- 3.0 sec 76.5 MBytes 642 Mbits/sec
[ 3] 3.0- 4.0 sec 76.6 MBytes 643 Mbits/sec
[ 3] 4.0- 5.0 sec 76.5 MBytes 642 Mbits/sec
[ 3] 5.0- 6.0 sec 77.0 MBytes 646 Mbits/sec
[ 3] 6.0- 7.0 sec 76.5 MBytes 642 Mbits/sec
[ 3] 7.0- 8.0 sec 76.6 MBytes 643 Mbits/sec
[ 3] 8.0- 9.0 sec 76.5 MBytes 642 Mbits/sec
[ 3] 9.0-10.0 sec 76.5 MBytes 642 Mbits/sec
[ 3] 0.0-10.0 sec 766 MBytes 643 Mbits/sec
Michael
More information about the Swan
mailing list