I have configured Site-to-Site ikev2 VPN between two routers (Soekris
net5501-70).
Over the internet my transfer speed between these machines is up to 5000KB/s
(it is OK).
Over the VPN it is up to 400KB/s only.
Is there any way to squeeze more performance out from these hardware and speed
up the VPN?
Tested with netcat:
$ nc 10.0.15.254 1234 < 49MB.test
$ nc -l 1234 > 49MB.test
$ cat /etc/iked.conf
ikev2 quick active esp from $local_gw to $remote_gw \
from $local_lan to $remote_lan peer $remote_gw \
psk "pass"
$ dmesg | head
OpenBSD 6.3 (GENERIC) #0: Wed Apr 25 16:38:25 CEST 2018
rdk@RAC_fw63:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Geode(TM) Integrated Processor by AMD PCS ("AuthenticAMD" 586-class) 500
MHz
cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX,MMXX,3DNOW2,3DNOW
real mem = 536363008 (511MB)
avail mem = 512651264 (488MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 20/80/26, BIOS32 rev. 0 @ 0xfac40
On Wed, 24 Oct 2012 10:28:43 +0000 (UTC)
Stuart Henderson <s...@spacehopper.org> wrote:
> On 2012-10-24, Michael Sideris <urg...@gmail.com> wrote:
> > Also, OpenBSD 5.2 is around the corner and you never know what that might
> > bring.
>
> There's a commit from just after 5.2 which is relevant to some
> packet forwarding setups, which might be of interest..
>
> http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ip_input.c?r1=1.197;f=h#rev1.197
>
--
radek
