IPsec and processing power

I recently bought an RB750. Amazing capabilities for the price! It’s the first time I’m using a Routerboard device or RouterOS. Beginning to understand the basics, a lot more advanced than the m0n0wall based routers I’ve used for the last years.

I’ve successfully set up an IPsec tunnel between the RB750 (local) and a m0n0wall router (remote). The m0n0wall box is a PC Engines Alix 2d3. My internet connection bandwidth is about 28 Mbit down and 10.5 up. On the remote site it’s about 18 Mbit down and 3.5 up. When running iperf between one local and one remote computer I’m getting the following results:
Sending traffic TO the remote computer gives a bandwidth of about 10.5 Mbit with CPU usage on the RB750 at about 74% and 92% on the m0n0wall box.
Sending traffic FROM the remote computer gives a bandwidth of just below 1.5 Mbit with CPU usage on the RB750 at 100% and just below 10% on m0n0wall.
This must mean that it takes a lot more processing power to decrypt the traffic than to encrypt it. Without knowing much about encryption one would think that it would be equally “hard” to encrypt and decrypt traffic. Can someone explain this? And are my results what should be expected with this hardware?
Maybe questions about IPsec aren’t beginner basics, but I am an absolute beginner when it comes to both RouterOS and IPsec :)

10Mbps seems to be ok, but 1.5Mb is too slow. How large were the packets you were sending over the tunnel?

We use 750GLs to terminate IPSec tunnels in branch offices, with 1100AHx2 as the concentrators.
From my experience, you should be able to get ~16 Mbit of IPSec bandwidth using aes128 on the 750GL.

So, as said above, how did you test? Also, post the output of “/ip ipsec export compact”.

I have the RB750, not the GL version.
Here is the output from "/ip ipsec export compact", with the public addresses and key removed:

jan/04/2013 16:12:47 by RouterOS 5.16

software id = RX6Y-D8US

/ip ipsec proposal
set [ find default=yes ] enc-algorithms=blowfish lifetime=12h
/ip ipsec peer
add address=11.11.11.11/32 dpd-interval=disable-dpd enc-algorithm=blowfish exchange-mode=aggressive hash-algorithm=sha1 lifetime=8h my-id-user-fqdn=lan.local secret="-------------------------------"
/ip ipsec policy
add dst-address=192.168.10.0/24 sa-dst-address=11.11.11.11 sa-src-address=22.22.22.22 src-address=192.168.64.0/18 tunnel=yes

Not sure about packet size, just used the default:

iperf -c 192.168.110.10

Client connecting to 192.168.110.10, TCP port 5001
TCP window size: 21.0 KByte (default)

[ 3] local 192.168.10.10 port 35895 connected with 192.168.110.10 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-11.2 sec 1.75 MBytes 1.31 Mbits/sec
