Hello,
We have two offices connected via high latency high speed WAN links. This WAN links show good speed only with multiple connections.
Offices connected via GRE+Ipsec tunnel. For file copy we use Windows10 PC’s with network adapter that support Receive Side Scaling (RSS) and SMB Multichannel (4 network connections simultaneously).
But I found that when copying through a tunnel, there’s no increase in file copy speed from using multiple connections.
The tunnel between routers is still a single connection.
Why?
How do you make the tunnel use multiple connections?
You cannot make a single tunnel use multiple connections, but you may try to spread the traffic among multiple tunnels - check this similar topic for inspiration. In your case, you may use just L3 tunnels and per-connection-classifier to spread the individual TCP sessions established by SMB Multichannel among them, instead of bonding with balance-rr over EoIP tunnels, but the latter way doesn’t depend on the SMB Multichannel.
>>you may try to spread the traffic among multiple tunnels
but many tunnels will require many public ip-addresses… and I may need 8 or 16 connections to fully utilize wan link…
maybe there’s a way to create tunnels not on different ip-addresses, but on different ports of the same address?
>>You cannot make a single tunnel use multiple connections,
I’m very surprised that there is no type of tunnel that can use multiple channels.
The problem of long-delay links (and TCP sessions over them) is unrelated to the use of a VPN, at least when that VPN is not running over TCP.
I see a brief mention of GRE/IPsec in the first post. That type of VPN should not be affected by delay and it should be possible to run multiple TCP sessions over it in parallel.
Unless some intermediate party is limiting traffic (other than the limits imposed by the delay), there should be no issue.
Of course there can be other reasons for performance limits, e.g. to try to setup such a tunnel on the old-style hardware without crypto accelleration.
Sorry, I’ve missed the “high latency” part when reading the OP. Therefore, the remark about traffic engineering per connection is totally irrelevant, and also the use of bonding with balance-rr would be useless. I.e. only the SMB Multichannel can increase the throughput on a high latency path.
