ensnare

Asked: 2015-03-02 17:24:06 +0800 CST2015-03-02 17:24:06 +0800 CST 2015-03-02 17:24:06 +0800 CST

IPSec bandwidth between two Pfsense hosts has predictable, variable bandwidth

I have a IPSec tunnel between two Pfsense machines. Both machines are connected to a 100mbps symmetrical connection. The latency between the two routers is ~70ms. I'm using AES-GCM-128 and SHA1, both machines support hardware acceleration of AES and CPU usage remains < 5%. But I'm having the strangest problem..

Bandwidth peaks around 6MB/s, then gradually decreases to 2MB/s, then gradually increases again to 6MB/s. It's a predictable sine wave. How can I get my bandwidth more consistent?

I tried enabling/disabling compression (currently disabled), playing with the MSS-clamp and MTU settings (1500/1460 respectively) and there doesn't seem to be a difference.

When I download a file directly through the public internet, I get 11MB/s which is closer to my 100mbps max.

What are some things I can try?

IPSec bandwidth between two Pfsense hosts has predictable, variable bandwidth

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

IPSec bandwidth between two Pfsense hosts has predictable, variable bandwidth

0 Answers