I am looking for a solution to meet a set of requirements, or close to it. I intend to have a hub router (something virtual), that customer spoke routers can connect to via IP tunnel and IPSEC encryption. At the moment im thinking i need to support 1gb of bandwidth total and allow varrying sizes of residential and business class cable/dsl connections to achieve close to their alloted bandwidth. I could have users with 300mbps cable connection, so I would want to get them as close to that 300mbps they can get nativley over the hub/spoke solution.
My current hub ive tested is CHR on an esxi host using 8 cpus and 2gb memory. My test spoke is a CCR1009-8G with a 300mbps cable connection. using IPIP and IPSEC (with the simplest encryption settings) I seem to only manage 150mbps or so. With just IPIP and no encryption i can get 200mbps or a little more.
So here I am asking what sort of virtual set up would i need to be able to handle 1gb of total bandwidth (aggregate from multiple spokes) using IPIP+IPSEC? What would I need to achieve a 300mbps throughput using a multithread TCP session?