IPSec tunnel slow in real world compaired to bandwidth test

Posted: Wed Dec 30, 2020 4:52 pm
by nasdude
I've created a IPSec tunnel (pure IPSec tunnel, no pptp, l2tp etc) between my local LAN and another remote LAN

LAN1 - Mikrotik Router-A (direct with public IP) -> Internet

LAN2 - Mikrotik Router-B (internal ip range) -> ISP Router -> Internet

Mikrotik-B initiates the tunnel and I can communicate between LAN1 and LAN2

Running a bandwidth test on the mikrotik devices with UDP I get 25/250mbit/sec (up/down which is the limit of home home internet connection)
Ok, this is UDP, with TCP I'm geting 25/100mbit/sec roughly.

I expected my tunnel to have that kinda speed, but when copying files from LAN1 to LAN2 I'm getting stuck at about 20mbit/sec.

CPU loads on the routers is around 50% when the tunnel is used

any idea how I could improve this?