[Swan] Bandwidth problem

Renzo Dani arons7 at gmail.com
Wed Jul 27 09:09:09 UTC 2016 

Hi,
we have a vpn tunnel between two offices, both have an internet 
connection of 100Mbps.
Time to time we have serious issue with very poor bandwidth, the problem 
is not always present, some time we are experience a good bandwidth on 
the vpn too.
So we are currently not able to identify the problem, we already contact 
the two Internet service providers but they simply reply they cannot 
identify any issue on their network.

Iperf  between the two vpn gateways using the tunnel (during problem occurs)
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-1.00   sec   215 KBytes  1.76 Mbits/sec
[  5]   1.00-2.00   sec   195 KBytes  1.60 Mbits/sec
[  5]   2.00-3.00   sec   112 KBytes   920 Kbits/sec
[  5]   3.00-4.00   sec   115 KBytes   942 Kbits/sec
[  5]   4.00-5.00   sec  55.5 KBytes   454 Kbits/sec
[  5]   5.00-6.00   sec  44.7 KBytes   366 Kbits/sec
[  5]   6.00-7.00   sec   134 KBytes  1.10 Mbits/sec
[  5]   7.00-8.00   sec   108 KBytes   887 Kbits/sec
[  5]   8.00-9.00   sec  83.9 KBytes   687 Kbits/sec
[  5]   9.00-10.00  sec   100 KBytes   821 Kbits/sec
[  5]  10.00-10.03  sec  8.12 KBytes  2.02 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-10.03  sec  0.00 Bytes  0.00 bits/sec sender
[  5]   0.00-10.03  sec  1.14 MBytes   957 Kbits/sec                  
receiver

Iperf  between the two vpn gateways using public internet ips at the 
same time as before
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-1.00   sec  9.50 MBytes  79.7 Mbits/sec
[  5]   1.00-2.00   sec  11.2 MBytes  93.6 Mbits/sec
[  5]   2.00-3.00   sec  11.0 MBytes  92.5 Mbits/sec
[  5]   3.00-4.00   sec  11.1 MBytes  93.5 Mbits/sec
[  5]   4.00-5.00   sec  11.2 MBytes  93.6 Mbits/sec
[  5]   5.00-6.00   sec  11.2 MBytes  93.7 Mbits/sec
[  5]   6.00-7.00   sec  11.2 MBytes  93.7 Mbits/sec
[  5]   7.00-8.00   sec  11.2 MBytes  94.0 Mbits/sec
[  5]   8.00-9.00   sec  11.2 MBytes  93.9 Mbits/sec
[  5]   9.00-10.00  sec  11.2 MBytes  93.8 Mbits/sec
[  5]  10.00-10.04  sec   510 KBytes  93.6 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-10.04  sec  0.00 Bytes  0.00 bits/sec sender
[  5]   0.00-10.04  sec   110 MBytes  92.2 Mbits/sec                  
receiver



Our config:

config setup
         nat_traversal=yes
         oe=off
         protostack=netkey
         uniqueids=no

conn our_vpn
         authby=secret
         disablearrivalcheck=no
         ....
         # PHASE 1
         aggrmode=no
         ike=aes256-sha2_256;modp3072
         ikelifetime=8h
         # PHASE 2
         type=tunnel
         phase2=esp
         phase2alg=aes-256-sha2_256;modp3072
         salifetime=2h
         pfs=yes
         auto=start


Thanks for any help/suggestion

Renzo

More information about the Swan mailing list