Hi! You can hit wire speed if your chosen crypto works fast enough on your CPU. Make sure that every component in the software stack lets you use your CPU hardware encryption acceleration. I use iperf and wireshark for network troubleshooting as it can let you narrow down to the bottleneck instead of single-value benchmarks. For fast and dirty tests I use SCP of large files with random data and ping in "flood" mode with minimum packet size. Please note that OpenVPN is largely user space application and handing billions of packets back and forth to the kernel always has it's price, not just in cpu load, but in scalability, latency and packet loss. And also there are not so many folks around with site-to-site experience on Gigabit speed I suppose. IPsec is de-facto standard for such connections (sometimes under vendor's marketing name).
Thank you. On Sun, Jan 30, 2022 at 7:41 PM Bo Berglund <bo.bergl...@gmail.com> wrote: > I have two LAN sections on different locations with IP 192.168.119.0/24 > and > 192.168.117.0/24 respectively. > The two sites will be connected using OpenVPN with 119 being the sever > side and > 117 the client. Routing between them will be configured. > > On the client side the VPN connection will be done through the LAN router > (an > ASUS RT-AC68U) towards the server side Linux OpenVPN server. > Thus all LAN clients on the client side (117) will have access to the whole > server side (119) LAN. > > And the reverse is also true thanks to settings in the Linux Server where > the > remote client via a ccd directive will cause a route to be set up (see > previous > thread "LAN-LAN connection via ASUS Router OpenVPN?" on this list). > > So the two LAN sections will be fully interconnected. > Both sides are set up to route Internet trafic through their respective > local > gateways to get full fiber speed to the Internet. > > I have run a device test for the connectivity using two Internet > connections at > home and this works out well. But I cannot test speed here because of the > connection limitations. > > Now I am wondering in preparation for deploying the routing system: > > Given that both sites will have 250/250 Mbps fiber connections, what will > be the > expected throughput between the two LAN:s for internal LAN-LAN data > transfers? > > The Ookla Speedtest measured Internet access speed on the server side via > its > ASUS RT-AC86U router conforms to the subscribed speed (250/250). > > PS: > What is the best way to test a LAN-LAN transfer speed? > There are no speed test servers available locally.... > Timing of big file transfers maybe? > > > -- > Bo Berglund > Developer in Sweden > > > > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users > -- Bogdan Rudas Director of IT Europe Exadel Inc. http://www.exadel.com/ E-mail: bru...@exadel.com Skype ID: bogdan.rudas -- CONFIDENTIALITY NOTICE: This email and files attached to it are confidential. If you are not the intended recipient you are hereby notified that using, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error please notify the sender and delete this email.
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
