IPIP IPSEC performance

Hi,

Currently I have around ~65MBit connectivity between 2 sites, IPIP/IPsec tunnel work great however I cannot get more than ~20MBit between both sites , I already try to decrease tunnel mtu to 1400 but this really don’t help a lot (for tcp) .

Since I don’t have a lot of experience with vpn performances can someone tell me if this is normal behaviour (1/3 from available bandwidth via vpn), or there is something which can help for it.
IPIP/IPsec is just IPIP with whatever IPsec autconfig is provide from router os.

note: For example between the same 2 sites I have 2 gl.inet small routers with wireguard vpn .. the performance is little better 30 - 40 Mbits however they are backup solutions .. still cannot reach 50 to 60Mbit from 65 Mbits max.

note2: site 1 is hex and site 2 wAP, I know they are not perfect .. however 65Mbit is measure via bwtest between them (i-net) and 20MBit via ipip/ipsec tunnel between them. Site 1 have tones of available bandwidth, site 2 is i 60 - 70Mbits .. aka bwtest show the correct maximum which is expected between both sites/devices

Regards,

hEX, if it’s RB750Gr3, should be capable of 65 Mbps IPIP/IPsec as it has IPsec hardware offload, wAP is not.
With hAP AC, which has a bit more powerful processor than wAP, I’ve been able to reach ~30 Mbps in pure IPsec.

Omg I’m idi.. now I notice the full cpu green bar evrething is clear. Btw before 2 3 months I use cap ac (I think is same as ac2) which die epic with hardware dead .. util I wait for replacment I use the old spear wAP. Look like I should spend a time to replace. Anyway thanks to point me to right direction

Изпратено от моят SM-A505FN с помощта на Tapatalk

\