From: Ken Bantoft (ken_at_freeswan.ca)
Date: Wed Nov 27 2002 - 13:55:35 CET
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 26 Nov 2002, Christopher Lyon wrote:
> Just a basic question but what if I have 30 tunnels that I want to bring
> up using group 2, 3DES and MD5 all using a PSK. The machine is a PIII
> 1.2 with 256 of RAM. Will I have any performance issues? How many more
> tunnels can I go before seeing a hit?
No issues. I run 40-50 tunnels on a P3/1ghz using 3DES/MD5. I know of
people running 500 tunnels on Dual P3/1ghz systems.
You issue is rarely the # of tunnels - it's the traffic. I'm able to do
3mbps sustained of encrypted tunnels with 1-3% CPU usage.
Stats from a P3/1.13ghz Laptop:
klips_info:ipsec_alg_test_encrypt: aes decrypt speed=44032 KB/s
klips_info:ipsec_alg_test_encrypt: aes encrypt speed=44032 KB/s
klips_info:ipsec_alg_test_encrypt: serpent decrypt speed=22016 KB/s
klips_info:ipsec_alg_test_encrypt: serpent encrypt speed=22016 KB/s
klips_info:ipsec_alg_test_encrypt: twofish decrypt speed=34816 KB/s
klips_info:ipsec_alg_test_encrypt: twofish encrypt speed=34816 KB/s
3DES is about 33% as fast as AES, so I would expect your limit would be
around 14.5 MB/sec, or 116 Mbits.
- --
Ken Bantoft The Unoffical FreeS/WAN Site:
ken_at_freeswan.ca http://www.freeswan.ca
PGP Key: finger ken_at_bantoft.org
"Random numbers should not be generated with a method
chosen at random." -- Donald Knuth,
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBPeTAyliWUusaxGxpAQFu2wP/ebtQUIVXi9EYpT+jTJ7YCKbttAZMQwya
RmRTaXkkupwpG0BMG02i4HFXpvZfxB5EEpC5CD2LKEfrk07opQ+U09lhTY8O/lIA
25uK5q1YL0OboQlW93JjqJYlcw+f4a7Vuk5fr7z0rBZ79JQMtYJIsjJXRBqe8S2D
zha4kji4Ew4=
=gfiS
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Thu Nov 28 2002 - 05:20:52 CET