Changes between Version 6 and Version 7 of Gigabit_Networks_Linux


Ignore:
Timestamp:
05/02/11 12:18:23 (13 years ago)
Author:
JJK
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Gigabit_Networks_Linux

    v6 v7  
    3434By switching to the cipher '''aes-256-cbc''' the performance drops even further to '''126 Mbps'''. These results were obtained on the two E5440 based servers.
    3535
     36== Tweaked setup ==
     37the first tweak made was:
     38 * increase the MTU size of the tun adapter ('--tun-mtu') to 6000 bytes. This resembles JumboFrames on a regular Ethernet LAN. Note that the MTU size on the underlying network switches was '''not''' altered.
     39 * disable OpenVPN's internal fragmentation algorithm using '--fragment 0'.
     40 * disable OpenVPN's 'TCP Maximum Segment Size' limitor using '--mssfix 0'.
     41
     42{{{
     43  openvpn --dev tun --proto udp --port 11000 --secret secret.key --ifconfig 192.168.222.11 192.168.222.10
     44    --tun-mtu 6000 --fragment 0 --mssfix 0
     45}}}
     46and client
     47{{{
     48  openvpn --dev tun --proto udp --port 11000 --secret secret.key --ifconfig 192.168.222.10 192.168.222.11 --remote server
     49    --tun-mtu 6000 --fragment 0 --mssfix 0
     50}}}
     51Now an '''iperf''' result of '''307 Mbps''' is obtained.
     52
     53By playing with the '--tun-mtu' size we obtain
     54||=  MTU= ||= Blowfish =||= AES256 =||
     55||= 1500=|| 158 || 126 ||
     56||= 6000=|| 307 || 220 ||
     57||= 9000=|| 370 || 249 ||
     58||=12000=|| 416 || 252 ||
     59||=24000=|| 466 || 259 ||
     60||=36000=|| 470 || 244 ||
     61||=48000=|| 510 || 247 ||
     62||=60000=|| 488 || 221 ||
    3663
    3764
     65