On Fri, 20 Nov 2015, Rohan Shethia wrote:
I wanted to know what is the maximum number of IPSec tunnels supported by Libreswan.
The number of tunnels does not matter. IKE packets happen once an hour per tunnel. The real CPU usage is the actual encrypted traffic, so that is the only maximum you will hit. And that partially depends on hardware and partially onl cipher selection of ESP. If you have AESNI hardware and use aes_gcm, we have pushed 5.25 Gbits/sec for a single IPsec SA (when having multiple tunnels, it should get better because different SA's run on different CPU's). Note that the nic hardware and tuning also matters a lot. See https://libreswan.org/wiki/Benchmarking_and_Performance_testing Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
