Hi,
I have an RB1100x4, which I am trying to use as a VPN server. I am using IPsec SHA1 AES-256-CBC connecting with Windows 10 clients. The connections are establishing fine and everything is working.
However when downloading via SMB3 from the server I am only achieving around 40-80mpbs of a 250mbps line speed. When uploading a file to the server the full 250mbps is achieved.
I have the following in my firewall rules:
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
In mangle I have this:
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=\
out,none out-interface="1 Gigaclear WAN"
An iperf report the following way reports the same thing:
[ 4] local 10.0.5.249 port 64667 connected to 10.0.100.50 port 5201
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-1.00 sec 6.75 MBytes 56.6 Mbits/sec
[ 4] 1.00-2.00 sec 6.00 MBytes 50.3 Mbits/sec
[ 4] 2.00-3.00 sec 7.88 MBytes 66.1 Mbits/sec
[ 4] 3.00-4.00 sec 8.50 MBytes 71.2 Mbits/sec
[ 4] 4.00-5.00 sec 8.12 MBytes 68.2 Mbits/sec
[ 4] 5.00-6.00 sec 8.88 MBytes 74.4 Mbits/sec
[ 4] 6.00-7.00 sec 9.25 MBytes 77.7 Mbits/sec
[ 4] 7.00-8.00 sec 9.88 MBytes 82.8 Mbits/sec
[ 4] 8.00-9.00 sec 8.62 MBytes 72.4 Mbits/sec
[ 4] 9.00-10.00 sec 7.50 MBytes 62.9 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-10.00 sec 81.4 MBytes 68.3 Mbits/sec sender
[ 4] 0.00-10.00 sec 81.3 MBytes 68.2 Mbits/sec receiver
However if I put it into multiple connection mode, I get more like what I would expect:
iperf3 -c 10.0.100.50 -P4
Connecting to host 10.0.100.50, port 5201
[ 4] local 10.0.5.249 port 64693 connected to 10.0.100.50 port 5201
[ 6] local 10.0.5.249 port 64694 connected to 10.0.100.50 port 5201
[ 8] local 10.0.5.249 port 64695 connected to 10.0.100.50 port 5201
[ 10] local 10.0.5.249 port 64696 connected to 10.0.100.50 port 5201
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-1.00 sec 6.25 MBytes 52.4 Mbits/sec
[ 6] 0.00-1.00 sec 1.62 MBytes 13.6 Mbits/sec
[ 8] 0.00-1.00 sec 5.25 MBytes 44.0 Mbits/sec
[ 10] 0.00-1.00 sec 2.75 MBytes 23.0 Mbits/sec
[SUM] 0.00-1.00 sec 15.9 MBytes 133 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 1.00-2.00 sec 5.00 MBytes 42.0 Mbits/sec
[ 6] 1.00-2.00 sec 4.12 MBytes 34.6 Mbits/sec
[ 8] 1.00-2.00 sec 7.38 MBytes 61.9 Mbits/sec
[ 10] 1.00-2.00 sec 4.38 MBytes 36.7 Mbits/sec
[SUM] 1.00-2.00 sec 20.9 MBytes 175 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 2.00-3.00 sec 5.62 MBytes 47.2 Mbits/sec
[ 6] 2.00-3.00 sec 5.88 MBytes 49.3 Mbits/sec
[ 8] 2.00-3.00 sec 6.50 MBytes 54.5 Mbits/sec
[ 10] 2.00-3.00 sec 4.25 MBytes 35.7 Mbits/sec
[SUM] 2.00-3.00 sec 22.2 MBytes 187 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 3.00-4.00 sec 6.00 MBytes 50.3 Mbits/sec
[ 6] 3.00-4.00 sec 7.62 MBytes 63.9 Mbits/sec
[ 8] 3.00-4.00 sec 5.00 MBytes 41.9 Mbits/sec
[ 10] 3.00-4.00 sec 3.00 MBytes 25.1 Mbits/sec
[SUM] 3.00-4.00 sec 21.6 MBytes 181 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 4.00-5.00 sec 7.62 MBytes 64.0 Mbits/sec
[ 6] 4.00-5.00 sec 6.50 MBytes 54.5 Mbits/sec
[ 8] 4.00-5.00 sec 6.12 MBytes 51.4 Mbits/sec
[ 10] 4.00-5.00 sec 3.75 MBytes 31.5 Mbits/sec
[SUM] 4.00-5.00 sec 24.0 MBytes 201 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 5.00-6.00 sec 4.00 MBytes 33.6 Mbits/sec
[ 6] 5.00-6.00 sec 5.62 MBytes 47.2 Mbits/sec
[ 8] 5.00-6.00 sec 4.25 MBytes 35.7 Mbits/sec
[ 10] 5.00-6.00 sec 6.62 MBytes 55.6 Mbits/sec
[SUM] 5.00-6.00 sec 20.5 MBytes 172 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 6.00-7.00 sec 5.25 MBytes 44.0 Mbits/sec
[ 6] 6.00-7.00 sec 6.50 MBytes 54.5 Mbits/sec
[ 8] 6.00-7.00 sec 2.00 MBytes 16.8 Mbits/sec
[ 10] 6.00-7.00 sec 8.88 MBytes 74.4 Mbits/sec
[SUM] 6.00-7.00 sec 22.6 MBytes 190 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 7.00-8.00 sec 3.50 MBytes 29.3 Mbits/sec
[ 6] 7.00-8.00 sec 7.88 MBytes 66.0 Mbits/sec
[ 8] 7.00-8.00 sec 6.75 MBytes 56.6 Mbits/sec
[ 10] 7.00-8.00 sec 7.50 MBytes 62.9 Mbits/sec
[SUM] 7.00-8.00 sec 25.6 MBytes 215 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 8.00-9.00 sec 7.38 MBytes 61.9 Mbits/sec
[ 6] 8.00-9.00 sec 3.25 MBytes 27.3 Mbits/sec
[ 8] 8.00-9.00 sec 6.62 MBytes 55.6 Mbits/sec
[ 10] 8.00-9.00 sec 6.75 MBytes 56.7 Mbits/sec
[SUM] 8.00-9.00 sec 24.0 MBytes 201 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ 4] 9.00-10.00 sec 6.25 MBytes 52.4 Mbits/sec
[ 6] 9.00-10.00 sec 4.50 MBytes 37.7 Mbits/sec
[ 8] 9.00-10.00 sec 7.75 MBytes 65.0 Mbits/sec
[ 10] 9.00-10.00 sec 6.62 MBytes 55.6 Mbits/sec
[SUM] 9.00-10.00 sec 25.1 MBytes 211 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-10.00 sec 56.9 MBytes 47.7 Mbits/sec sender
[ 4] 0.00-10.00 sec 56.6 MBytes 47.5 Mbits/sec receiver
[ 6] 0.00-10.00 sec 53.5 MBytes 44.9 Mbits/sec sender
[ 6] 0.00-10.00 sec 53.4 MBytes 44.8 Mbits/sec receiver
[ 8] 0.00-10.00 sec 57.6 MBytes 48.3 Mbits/sec sender
[ 8] 0.00-10.00 sec 57.5 MBytes 48.2 Mbits/sec receiver
[ 10] 0.00-10.00 sec 54.5 MBytes 45.7 Mbits/sec sender
[ 10] 0.00-10.00 sec 54.4 MBytes 45.6 Mbits/sec receiver
[SUM] 0.00-10.00 sec 222 MBytes 187 Mbits/sec sender
[SUM] 0.00-10.00 sec 222 MBytes 186 Mbits/sec receiver
iperf Done.
If anyone could provide any suggestions or troubleshooting steps i would be most appreciative
Thank you in advance