[ previous ] [ next ] [ threads ]
 
 From:  Nathaniel Irons <ndi dash l at bumppo dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] our pokey VPN
 Date:  Thu, 22 Jun 2006 10:36:23 -0700 
Mark Jawdoszak (MarkJ at logsysgroup dot com) wrote on 6/22/06, 1:25 AM:

> It's just, we notice a speed decrease if we put a m0n0box in and its
> <1GHz CPU, as it just cant pass the packets fast enough (that's some
> things that are written in the manual).

Are you referring to a VPN-specific speed decrease? Our two m0n0 boxes
were put together by my predecessor, and they are likely sub-1GHz. 

They're the same PC hardware that was in place before performance started
to suffer, though. The jump of 1.5 Mb with our T1 upgrade seemed like too
small a window to push performance over such a cliff, which is why I
hadn't suspected hardware was a factor.

Chris Buechler (cbuechler at gmail dot com) wrote on 6/21/06, 9:20 AM:

> Try iperf and see what kind of throughput you get.

iperf looks terrific. 2.0.2 had compilation trouble on Mac OS X, but 1.7.0
built fine. I ran five tests to and from the office, with and without the
VPN, and pretty well corroborated my earlier results. 

In both cases from home to office, I'm coming within the ballpark of the
768 Kb cap imposed by my enlightened cable provider. The VPN looks
fractionally slower, but far from a problem.

Home to office, with VPN:

    office-reported     home-reported
    688 Kbits/sec       684 Kbits/sec
    695 Kbits/sec       617 Kbits/sec
    695 Kbits/sec       630 Kbits/sec
    683 Kbits/sec       679 Kbits/sec
    684 Kbits/sec       449 Kbits/sec

Home to office, without VPN:

    office-reported     home-reported
    706 Kbits/sec       698 Kbits/sec
    702 Kbits/sec       559 Kbits/sec
    706 Kbits/sec       702 Kbits/sec
    707 Kbits/sec       703 Kbits/sec
    704 Kbits/sec       695 Kbits/sec

Coming back the other way the problem is apparent. Outbound bandwidth at
the office is capped at 3 Mb, which I can approach when I open up port
5001 and circumvent the VPN.

Office to home, with VPN:

    office-reported     home-reported
    44.9 Kbits/sec      45.1 Kbits/sec
    24.5 Kbits/sec      24.5 Kbits/sec
    19.8 Kbits/sec      19.9 Kbits/sec
    35.6 Kbits/sec      35.8 Kbits/sec
    33.5 Kbits/sec      33.6 Kbits/sec

Office to home, without VPN:
    office-reported     home-reported
    2.77 Mbits/sec      2.79 Mbits/sec
    2.51 Mbits/sec      2.53 Mbits/sec
    2.81 Mbits/sec      2.83 Mbits/sec
    2.53 Mbits/sec      2.80 Mbits/sec
    2.74 Mbits/sec      2.76 Mbits/sec

So, if there's anything to be gleaned from the PPTP settings or logs, I'd
appreciate any advice. In the meantime; I'll reiterate a request for some
Soekris replacements for the PC boxes, and try to eliminate the hardware
from the picture.

Thanks,

  -nat