I just reran the test again. I still receive about 600Mbps using iPerf however using
client # dd if=/dev/zero bs=1000 count=1000000 | nc -v 172.16.2.2 12345 server # nc -v -l 12345 > /dev/null I get numbers around 350Mbps. I tend to think iPerf is more reliable in this situation. Any ideas why the tests vary so much? -Jim On 9/28/12 9:18 PM, Ryan McBride wrote: > 600Mbps seems about right, I tested a pair of E5649-based boxes to > 550Mbps last year (with aes-128-gcm): > > http://marc.info/?l=openbsd-misc&m=134033767126930 > > You'll probably get slightly more than 600 with with multiple TCP > streams. > > Assuming PF was enabled for your test (the default configuration), the > performance should be about the same with a proper ruleset. Traffic for > existing states won't hit the ruleset at all. > > > On Fri, Sep 28, 2012 at 06:39:14PM -0400, Jim Miller wrote: >> Yes. Let me double check everything again on Monday. Keep in mind that >> all devices had 1Gb ethernet interfaces and everything was directly >> cabled. No pf rules either. w/o ipsec I could get 900mbps through the >> openbsd boxes. >> >> Now you've got me thinking I need to recheck everything. >> >> -Jim >> >> On 9/28/12 5:19 PM, Hrvoje Popovski wrote: >>> Hi, >>> >>> On 28.9.2012 22:09, Jim Miller wrote: >>>> So using another Mac w/ 1Gb ethernet adapter to a Linux box w/ 1Gb eth I >>>> was able to achieve approx. 600Mbps performance through the test setup >>>> (via iperf and my dd method). >>>> >>> 600Mbps via ipsec between two Intel E31220 ?
