Community discussions

MikroTik App
 
taco
just joined
Topic Author
Posts: 1
Joined: Sun Jul 11, 2021 11:42 pm

IKEv2 Bandwidth capped

Mon Jul 12, 2021 12:27 am

Hello,

I'm using CCR1036-8G-2S+ connected to symmetric 1Gbps ISP. I've tried to setup IKEv2 Roadwarrior.
After many attempts and tutorials I managed to generate certificates and connect to VPN on Windows 10.
The problem is that bandwidth is limited to ~200Mbps, when in MT specs I can see it's up to ~1400Mbps.
I understand that ~1400Mbps is bandwidth that we can get using specialized equipment, but isn't loss of ~1200Mbps too much?

Speed test to public network - 1Gbps Upload/Download (speedtest.net).
Speed test between MT and office servers (Linux/Windows) - 1Gbps Upload/Download (p4d/samba/sftp/iperf).
Speed test between My PC and office servers (Linux/Windows) - 200Mbps Download (p4d/samba/sftp).

I did My PC test using 3 different windows machines with different ISPs, always 200Mbps top.
When I'm using linux, iperf (tcp) bandwidth between servers in office network is around 940Mbps but from My PC to office server it's much lower - between 2 and 30Mbps.
iperf server window size 128KByte
iperf client window size 85.0KByte

Network plan:
Network.png
MT Config:
export-11-07-2021.rsc
Thanks in advance for any hints.
You do not have the required permissions to view the files attached to this post.
 
andriys
Forum Guru
Forum Guru
Posts: 1526
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: IKEv2 Bandwidth capped

Mon Jul 12, 2021 10:04 am

IPsec encoding of a single TCP stream (connection) is always tied (and thus limited) to a single CPU core to avoid packet reordering. If you run multiple TCP streams in parallel you should be able to get a much higher overall throughput.

Who is online

Users browsing this forum: Ahrefs [Bot], Bing [Bot], cyrq, TheCat12 and 94 guests