RHEL6.7: throughput degration over ipsec tunnel

Solution In Progress - Updated -

Issue

  • We are seeing ~50 mbs throughput using iperf over ipsec from our internal network to KVM environment on rhel 6v7. When we used a rhel 7 instance and increased the replay window size, we see near full throughput.

Environment

  • Red Hat Enterprise Linux 6.7
    • 2.6.32-573.42.1el6.x86_64
  • Server side is KVM VM
  • Strongswan or libreswan IPSEC
    • aesni_intel module used for encryption (aes-sha1)
  • high latency (40ms) WAN
    • this is not noticeable on low latency LANs

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content