Poor IPSec performance with 2.6 kernels

From: Tom Sightler
Date: Wed Aug 27 2003 - 21:39:40 EST

Next message: bill davidsen: "Re: linux-2.4.22 released"
Previous message: Charles Lepple: "HZ and C2 idling [was: Re: [DRIVER 2.6] amd76x_pm rediffed for 2.6.0-test4]"
Next in thread: James Morris: "Re: Poor IPSec performance with 2.6 kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all.

I'm looking for suggestions as to why my IPSec performance is so bad
when using the built in 2.6 IPSec implementation.

My setup is pretty simple, a tunnel with a Watchguard Firebox on one end
and an AMD K6/333 on the other end running Redhat 9. I've used two
different IPsec implementations on the Linux system, one is
SuperFreeS/WAN with a patched Redhat kernel using the available SRPMS
and the other is the built-in 2.6 IPSec code with racoon.

My Internet connection is a DSL circuit that typically delivers about
150KB/s. When I connect with SuperFreeS/WAN my VPN throughput is quite
good, averaging about 125KB/s (this seems about reasonable with
overhead) but when making the identical connection with racoon and the
2.6 kernel I can only achieve 50KB/s. I've been unable to come up with
any reason why this would be the case.

Any hints would be appreciated.

Later,
Tom

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: bill davidsen: "Re: linux-2.4.22 released"
Previous message: Charles Lepple: "HZ and C2 idling [was: Re: [DRIVER 2.6] amd76x_pm rediffed for 2.6.0-test4]"
Next in thread: James Morris: "Re: Poor IPSec performance with 2.6 kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]