Thursday, November 8, 2018

IPsec speeds are trash or I'm doing something wrong (FortiGate)

Hey, I have 1 D3000 in LA and 1 D3700 in NYC set up with a site-to-site IPsec tunnel, then BGP advertises all my routes for each site. I can traverse the tunnel, but the speeds are crazy slow. Both sites have a 10g line. If I place 2 iperf boxes straight on our public IP I can get at least 600MB across; once the iperf boxes get behind the fg my speeds max out at like 28MB.

I have 2 computers connected straight to my firewalls with 10g Ethernet.

    .\iperf3.exe -c 192.168.205.2
    Connecting to host 192.168.205.2, port 5201
    [ 4] local 192.168.220.2 port 50293 connected to 192.168.205.2 port 5201
    [ ID] Interval Transfer Bandwidth
    [ 4] 0.00-1.00 sec 2.12 MBytes 17.8 Mbits/sec
    [ 4] 1.00-2.00 sec 3.62 MBytes 30.4 Mbits/sec
    [ 4] 2.00-3.00 sec 3.50 MBytes 29.4 Mbits/sec
    [ 4] 3.00-4.00 sec 3.50 MBytes 29.4 Mbits/sec
    [ 4] 4.00-5.00 sec 3.75 MBytes 31.3 Mbits/sec
    [ 4] 5.00-6.01 sec 3.38 MBytes 28.3 Mbits/sec
    [ 4] 6.01-7.01 sec 3.50 MBytes 29.2 Mbits/sec
    [ 4] 7.01-8.01 sec 3.62 MBytes 30.5 Mbits/sec
    [ 4] 8.01-9.01 sec 3.62 MBytes 30.4 Mbits/sec
    [ 4] 9.01-10.01 sec 3.50 MBytes 29.4 Mbits/sec
    - - - - - - - - - - - - - - - - - - - - - - - - -
    [ ID] Interval Transfer Bandwidth
    [ 4] 0.00-10.01 sec 34.1 MBytes 28.6 Mbits/sec sender
    [ 4] 0.00-10.01 sec 34.1 MBytes 28.6 Mbits/sec receiver

    tracert 192.168.205.2
    Tracing route to MACMINI-15A2CC [192.168.205.2]
    over a maximum of 30 hops:
    1 <1 ms <1 ms <1 ms 192.168.220.1 <<<< gateway on the fg
    2 69 ms 69 ms 69 ms 172.30.1.1 <<<< bgp ip of NY side
    3 69 ms 69 ms 69 ms MACMINI-15A2CC [192.168.205.2] <<<<< Iperfserver in NY.

The 192.168.2xx.2 IPs are in my LAN zone talking to the VPN zone. Rules follow:

    edit 200
        set uuid 10f7ecc4-c2cb-51e8-f87e-ebf24a5238f5
        set srcintf "VPN"
        set dstintf "LAN"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
    next
    edit 201
        set uuid 11234fb8-c2cb-51e8-5ace-4ba96a214c95
        set srcintf "LAN"
        set dstintf "VPN"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
    next
    end

Any info or things I should poke around in? Also have had users try and move a few files back and forth and they see about the same max speeds. I know this should be way faster. What's going on?


