Closed Drift91 closed 4 months ago
AEAD CPU usage is neglible with CPUs supporting AES-NI - as in "compression none" would not be faster. A 5-year-old Xeon could easily saturate a 10G link with AEAD encrypted packets, so your i5-9xxx can do so as well.
Not sure what's causing the tunnel to saturate a single core then... Guess I should check the settings on the NIC in Windows. Any ideas?
I just realized something, does the Windows IP stack have to process the tunnel and physical NIC separately? Because CPU usage is roughly double that of with no tunnelling, so I guess the tunnel is just another layer being processed by the CPU.
Alright, speed seems to have picked back up, might have been my ISP's connection being slow or the test server somehow being overloaded at 4AM. Although I don't like the CPU usage, it's clearly not due to the AES encryption.
Hi, are there any plans to enable DCO for unencrypted connections? I'm currently trying to use OpenVPN to tunnel my 1Gbps connection through my 10Gbps VPS to reduce latency due to my ISP refusing to fix their routing. As such security isn't a concern, only performance; everything requiring security on the connection is generally already encrypted via HTTPS. However the tunnel's bandwidth is being throttled due to my client's CPU usage.
With encryption enabled I get roughly 400 to 750 Mbps and it seems to fluctuate, but without encryption I get 200 to 300 Mbps due to lack of DCO support. My CPU is an i5-9600KF overclocked to 5.0GHz, so I'm honestly surprised that it can't handle 1Gbps of encrypted traffic while the VPS only sits at 50% usage.
Edit: I should probably mention that my client is running Windows 10 Pro 22H2 and the VPS is running a fresh install of Ubuntu Server 24.04 with openvpn-as package version 2.14.0-b90cb316-Ubuntu24 reported by apt.