I have an IPSec site-to-site vpn connection setup where both the VPN gws are VyOS
VyOS-1 <-----> VyOS-2
| – ---- – - - ---- |
sw1 – – - – - - - sw2
| – - — ---- - ---- |
sevr1 ----- server2
When testing iperf on my servers passing by IPsec tunnel, I get bandwidth up to 1 Gbps.
What is the maximum performance that is supported by ipsec site to site tunnel in vyos?
erro: system acceleration qat is not configured
Is vyos by default cannot go up to 1gpps with IPsec tunnel ? Because I saw already in the vyos forum that there are a lot of cases like mine, so I wonder if the max performance of ipsec is 1gps
VyOS does not implement any restrictions.
Are all interfaces involved more than giabitEthernet?
yes, it’s 10gb peer interface
Try different encryption|hash parameters
for example
set vpn ipsec esp-group MyESPGroup proposal 1 encryption aes128
set vpn ipsec esp-group MyESPGroup proposal 1 hash sha1
Also check CPU utilization during the test
"sudo top" and press "1"