Date: Tue, 4 Dec 2001 09:03:50 -0800 (PST) From: Lamont Granquist <lamont@scriptkiddie.org> To: Trent Tobias <tritttrott@yahoo.com> Cc: <freebsd-security@freebsd.org> Subject: Re: Speeding up IPSEC Gateway Message-ID: <20011204090242.B18024-100000@coredump.scriptkiddie.org> In-Reply-To: <20011204124735.46928.qmail@web21206.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
try a recent STABLE from yesterday or today. someone broke TCP in 4.4 and it only recently got fixed. see recent threads in freebsd-hackers for more information. On Tue, 4 Dec 2001, Trent Tobias wrote: > I currently have 3 IPSEC Gateways set up with > 4.4-STABLE running on 1.5GHz machines. It is a fully > meshed setup (all is connected to all via IPSEC ESP > Tunnels, using gif). > > All three boxes have 128kbit connections to the > internet, but it seems like my maximum connection > speed between my 3 local nets only reaches approx > 30kbits/s (i use bing to determine this). > > I realise that encryption/decryption takes its toll in > the kernel relaying the packets, but this slow? > > My only guess is that I am using the wrong parameters > for encryption - I am using the default config for > racoon with longer (8 hours) key lifetimes. > > Trent > > __________________________________________________ > Do You Yahoo!? > Buy the perfect holiday gifts at Yahoo! Shopping. > http://shopping.yahoo.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011204090242.B18024-100000>