EdgeRouter: OpenVPN site-to-site performance

By | March 30, 2016

As a result of setting up my site-to-site VPN see this it is much easier to transfer things from one site to the other.

The questions that came to mind were:
What is the bandwidth of my VPN ?
What is the limiting factor ? My ISPs or the Edge Router ?

To answer to the above I used the iperf3 a tool that is already available on the EdgeRouter.
Site 1 that has an 500Mbps/25Mbps link will be used as the client.
Site 2 that has an 120Mbps/6Mbps link will be used as server.

I do this because I do not want to be limited by the 6Mbps uplink from Site 2. In this setup Site 1 pushes data onto the Site 2 so the limiting links will be the 25Mbps upload from Site 1 and the 120Mbps download on Site 2.
Note that Site 2 iperf3 must be executed first the Site 1 iperf3 command will start sending data.

Bellow the output from Site 2:

Bellow the output from Site 1:

So the result is a bit over 8Mbps/8Mbps symmetric link.

In conclusion:
1. There is no limit due to the ISPs. 8Mbps is bellow both limiting links, the 25Mbps upload from Site 1 and the 120Mbps download on Site 2.
2. This is quite low bandwith, consistent with the fact that there is no hardware acceleration for OpenVPN site-to-site in EdgeRouter.
3. Strange that I did not notice a 100% CPU utilization on any of the routers, the highest peak went to 70% on the client site.
4. There are probably ways to improve this link.


