Changes between Version 8 and Version 9 of Gigabit_Networks_Linux
- Timestamp:
- 05/02/11 12:24:55 (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Gigabit_Networks_Linux
v8 v9 59 59 ||24000|| 466 || 259 || 60 60 ||36000|| 470 || 244 || 61 ||48000|| 510|| 247 ||61 ||48000|| '''510''' || 247 || 62 62 ||60000|| 488 || 221 || 63 For the default Blowfish cipher the optimal value for the 'tun-mtu' paramters for a link between these two servers seems to be '''48000''' bytes. 63 For the default Blowfish cipher the optimal value for the 'tun-mtu' parameters for a link between these two servers seems to be '''48000''' bytes. 64 Similarly, for the AES-256 cipher the optimal value is '''24000''' bytes. 64 65 66 === Explanation === 65 67 By increasing the MTU size of the tun adapter '''and''' by disabling OpenVPN's internal fragmentation routines the throughput can be increased quite dramatically. The reason behind this is that by feeding larger packets to the OpenSSL encryption and decryption routines the performance will go up. The second advantage of not internally fragmenting packets is that this is left to the operating system and to the kernel network device drivers. For a LAN-based setup this can work, but when handling various types of remote users (road warriors, cable modem users, etc) this is not always a possibility. 66 68