I did some throughput measurement on Soekris net4501 boxes running
m0n0wall 1.0 and got strange but reproduceable results which I can't
explain. If someone can I'll be all ears...
Available hardware included two net4501, three regular PCs (running
NetBSD and Linux) and some Soekris crypto accelerators (several vpn1211,
a vpn1401 and a vpn1411).
I used ttcp, nttcp and iperf to measure the data throughput. The results
shown here are the arithmetic average of at least three runs each.
Media type was 100baseTX full-duplex.
At first I measured the throughput when directly connecting the non-
host1 -> host3: 86.3 Mbits/sec
host3 -> host1: 93.3 Mbits/sec
host1 -> host2: 83.9 Mbits/sec
host2 -> host1: 91.3 Mbits/sec
host2 -> host3: 86.2 Mbits/sec
host3 -> host2: 93.5 Mbits/sec
I can't explain why data throughput differs depending on the direction
of the dataflow. All systems were idle (apart from running iperf etc.).
I set up a test environment as follows:
host1 <--> net4501 <--> host2 <--> net4501 <--> host3
With IPsec disabled, I got the following results:
host1 -> host2: 9.18 Mbits/sec
host2 -> host1: 9.21 Mbits/sec
host3 -> host2: 18.3 Mbits/sec
host2 -> host3: 10.2 Mbits/sec
host1 -> host3: 9.47 Mbits/sec
host3 -> host1: 17.1 Mbits/sec
Hmm, strange differences again...
I established a IPsec tunnel (ESP/3DES/MD5/noPFS) between the two
net4501 systems. The results were as follows:
# without accelerator cards
host1 -> host3: 1.26 Mbits/sec
host3 -> host1: 1.83 Mbits/sec
# vpn1211 each
host1 -> host3: 1.73 Mbits/sec
host3 -> host1: 3.52 Mbits/sec
# vpn1401 <--> vpn1211 (kernel failed to initialise vpn1411...)
host1 -> host3: 1.74 Mbits/sec
host3 -> host1: 3.39 Mbits/sec
That's much less than I had expected. What could be the problem?
Help is appreciated!
$ ((RANDOM%6)) || rm -rf ~