I have two RB1100AHx2(OS 5.
, named MT06, MT01
Two laptops
laptop1: IntelCore i7-2720QM@2.2Ghz, 8GB memory, linux kernel 3., iperf 3.
laptop2: IntelCore i7-2637M@1.7Ghz, 8GB memory, linux kernel 2.6, ipef 2.0.4
MT06/eth11—MT01/eth11
laptop1–MT06/eth7
laptop2–MT01/eth7
IPSec VPN is set up between MT06 and MT01(sha1, AES-128)
I followed all the instructions of “Hardware encryption”(http://wiki.mikrotik.com/wiki/Manual:IP/IPsec#Hardware_encryption)
The maximum throughput I get is 460Mbps, not as stated as 820Mbps
Any idea how can I get 820Mbps?
BTW, I can get 930Mbps when connected two laptops to the same MikroTik switch group(MT06/eth3, eth4), without VPN and routing settings
mrz
2
First you need to install latest RouterOS version.
Then it depends on packet size and on protocol. It was UDP or TCP?
First you need to install latest RouterOS version----upgraded to 5.19, the same result
Then it depends on packet size and on protocol. It was UDP or TCP?—packet size 1448byte, TCP
Tried with aes-256, the same result.
laptop1
#iperf -c 10.50.112.100 -P 30
laptop2
#iperf -s
mrz
4
Ofcourse TCP will be much slower, you will never get 800Mbps with TCP. 460Mbps TCP is good result.
Out of curiosity, and in case you still have the test setup running, how does it perform with MD5 instead SHA1?
On earlier occasions, tests have shown that RouterOS gets surprisingly high differences between MD5 and SHA1 (not so surprisingly in the favor of MD5)
test shows no big difference between sha1 and md5