Site-2-site L2TP IPSEC VPN speed issue
Posted: Thu Mar 21, 2024 9:05 am
Hi Team,
I hope this message finds you well. I'm reaching out to ask for your expertise and suggestions on an issue I've encountered with my VPN setup.
Setup Details:
VPN Server: CCR1009-7G-1C-1S+ (Product Details)
Client Device: RB5009UPr+S+IN (Product Details)
Bandwidth: Both the VPN server and client sides have a 1/1 Gigabit connection.
Firmware: Both has latest 7.14.1 firmware
Configuration:
IPsec with a pre-shared key
MODBP2024
Encryption: AES256
Cipher: AES256-CBC
Issue:
Without IPsec: The connection performs well, reaching speeds between 600-700 Mbps in both directions.
With IPsec Enabled: Download speeds are around 300 Mbps, but upload speeds drop significantly to around 100 Mbps.
I've noticed that when running a speed test through the VPN link on the RB5009UPr+S+IN, only 1 CPU core is utilized at around 80-89%, while the remaining cores are underutilized (10-30% usage).
I'm puzzled by this performance discrepancy, especially the upload speed bottleneck, and I do not believe it's a hardware limitation.
Does anyone have insights into what might be causing this issue or suggestions on how to improve the performance? Any advice or recommendations would be greatly appreciated.
Thank you in advance for your time and assistance. Looking forward to your friendly advice and suggestions.
Best regards,
I hope this message finds you well. I'm reaching out to ask for your expertise and suggestions on an issue I've encountered with my VPN setup.
Setup Details:
VPN Server: CCR1009-7G-1C-1S+ (Product Details)
Client Device: RB5009UPr+S+IN (Product Details)
Bandwidth: Both the VPN server and client sides have a 1/1 Gigabit connection.
Firmware: Both has latest 7.14.1 firmware
Configuration:
IPsec with a pre-shared key
MODBP2024
Encryption: AES256
Cipher: AES256-CBC
Issue:
Without IPsec: The connection performs well, reaching speeds between 600-700 Mbps in both directions.
With IPsec Enabled: Download speeds are around 300 Mbps, but upload speeds drop significantly to around 100 Mbps.
I've noticed that when running a speed test through the VPN link on the RB5009UPr+S+IN, only 1 CPU core is utilized at around 80-89%, while the remaining cores are underutilized (10-30% usage).
I'm puzzled by this performance discrepancy, especially the upload speed bottleneck, and I do not believe it's a hardware limitation.
Does anyone have insights into what might be causing this issue or suggestions on how to improve the performance? Any advice or recommendations would be greatly appreciated.
Thank you in advance for your time and assistance. Looking forward to your friendly advice and suggestions.
Best regards,