On Tue, 2006-06-27 at 10:18 +0200, Eric Spakman wrote: > Hello Ronny, > > > > No i have not tested that since i can not remove the old hardware before > > this new box works. but i have tested iperf outside the tunnel (using a > > dnat rule in the remote shorewall) tru both the old and new hardware. > > > > and then the new box performs just as well, and often sligthly better then > > the old one. also tests on local ethernet shows ~99 mbit thruput thru both > > old and new box. > > > > i only notice the speed reduction when i go thru the openswan tunnel. i > > think that means it can't be a shorewall or nic issue, but perhaps a > > openswan issue. are there any difference in the default crypto performance > > 2.4.18 vs 2.4.32 or the crypto used in freeswan vs > > openswan ? i thougth both used 3des+md5 > > > There are no differences in performance that I know of, also openswan is > based on freeswan and uses the same underlying "core". > Maybe the old NIC has some sort of hardware crypto support (maybe I'm > talking rubish here ;)
same nics, same driver in the kernel :) thanks for all your help anyway, it's greatly apriciated. seams it wasn't a easy answer afterall :/ im going to configure a second openswan box and test openswan to openswan to see if there is a difference, since how it is now it's plain useless. Ronny Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
