Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick IPsec Throughput: Difference between revisions

FireBrick IPsec Throughput (view source)

Revision as of 15:12, 17 January 2017

1,099 bytes added ,  17 January 2017
m
no edit summary
mNo edit summary
mNo edit summary
 
 
!!==Other notes on throughput==
If an IPsec connection is slow, it is useful check a few other things. Latency can have large impact on eg a TCP connection so it's good to:
*Try a ping with a large payload (eg 1400 bytes)
*The window buffer size needs to be larger the larger the latency, as it needs to be able to support holding data for the whole round-trip-time. see below
 
 
===Window Buffer Size===
Increasing the window size may help with throughput.
 
The window buffer size needs to be larger the larger the latency, as it needs to be able to support holding data for the whole round-trip-time.
The way TCP works is that the sender is not allowed to send more data than would fit in the receiver's incoming TCP window (which the sender knows the size of).
The sender only gets to know how much room is left in the receiver's buffer after each ACK comes back, which is the round-trip time since the data was sent
Which means there can never be more data in flow than would fit in the receiver's buffer.
This used to be a problem with older MS-windows machines which had small TCP windows - but is less of a problem now.
 
 
[[Category:FireBrick_IPsec|Throughput/Speed]]
AA-Andrew
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,270

edits

Retrieved from ‘http://support.aa.net.uk/Special:MobileDiff/11683