Hi 'tinc users' I'm new whit tinc and this mail-list. I like to build a vpn over the internet between two sites in Holland and Germany. Are there some experience whit the performance (turn-a-round en bandwidth) of a link. I want to use it for a 1,5Mb connection. Greetings, Fred Krom. - Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://ftp.nl.linux.org/pub/linux/tinc/
On Mon, Feb 12, 2001 at 02:49:48PM +0100, Fred.Krom@ict.nl wrote:> I'm new whit tinc and this mail-list. > I like to build a vpn over the internet between two sites in Holland and > Germany. Are there some experience whit the performance (turn-a-round en > bandwidth) of a link. I want to use it for a 1,5Mb connection.A 486 DX2/66 computer running tinc will show around 10 ms extra delay if it is pinged via tinc instead of directly. The maximum throughput on the same computer is around 0,6 Mbit/s whereas an ssh connection (with OpenSSH) has a maximum throughput of 0,5 Mbit/s. Ofcourse, you are using totally different machines. But since the throughput of ssh and tinc roughly is the same (because both are spending 99% of their time doing the same kind of encryption), you can measure the speed with ssh: Just copy a large file and see how long it takes, or try to send lots of data and use a network analysis tool to measure the used bandwith. A quick experiment shows that my P200 can handle at least 2 Mbit/s. At least, because it is the maximum bandwith of the connection to the rest of the internet I have here :). The delay caused by tinc should decrease as much as the speed increases if you're using faster machines. ------------------------------------------- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.warande.net> ------------------------------------------- See also: http://tinc.nl.linux.org/ http://www.kernelbench.org/ ------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010213/d58d3d6b/attachment.pgp
For example:>From me (2Mb) to Guus (2Mb) over a public network (UUnet):--- warande3094.warande.uu.nl ping statistics --- 10 packets transmitted, 10 packets received, 0% packet loss round-trip min/avg/max = 38.699/65.837/130.430 ms --- 10.1.1.1 ping statistics --- 10 packets transmitted, 10 packets received, 0% packet loss round-trip min/avg/max = 61.526/198.266/390.513 ms This is partly caused by the hardware (Guus on a 486 and me on a pentium I system) The other part is caused by the very bad routing :( Greetz, Ivo van Dongen ------------------------------------------------------------------------ "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot ------------------------------------------------------------------------ -----Original Message----- From: Guus Sliepen <guus@warande3094.warande.uu.nl> Date: Tue, 13 Feb 2001 11:17:07 +0100 Subject: Re: Performance VPN over the internet> On Mon, Feb 12, 2001 at 02:49:48PM +0100, Fred.Krom@ict.nl wrote: > > > I'm new whit tinc and this mail-list. > > I like to build a vpn over the internet between two sites in > Holland and > > Germany. Are there some experience whit the performance > (turn-a-round en > > bandwidth) of a link. I want to use it for a 1,5Mb connection. > > A 486 DX2/66 computer running tinc will show around 10 ms extra delay > if it is > pinged via tinc instead of directly. The maximum throughput on the > same > computer is around 0,6 Mbit/s whereas an ssh connection (with > OpenSSH) has a > maximum throughput of 0,5 Mbit/s. > > Ofcourse, you are using totally different machines. But since the > throughput > of ssh and tinc roughly is the same (because both are spending 99% of > their > time doing the same kind of encryption), you can measure the speed > with ssh: > Just copy a large file and see how long it takes, or try to send lots > of data > and use a network analysis tool to measure the used bandwith. > > A quick experiment shows that my P200 can handle at least 2 Mbit/s. > At least, > because it is the maximum bandwith of the connection to the rest of > the > internet I have here :). > > The delay caused by tinc should decrease as much as the speed > increases if > you're using faster machines. > > ------------------------------------------- > Met vriendelijke groet / with kind regards, > Guus Sliepen <guus@sliepen.warande.net> > ------------------------------------------- > See also: http://tinc.nl.linux.org/ > http://www.kernelbench.org/ > ------------------------------------------- >- Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://ftp.nl.linux.org/pub/linux/tinc/
On Mon, Feb 12, 2001 at 02:49:48PM +0100, Fred.Krom@ict.nl wrote:> > > Hi 'tinc users' > > I'm new whit tinc and this mail-list. > I like to build a vpn over the internet between two sites in Holland and > Germany. Are there some experience whit the performance (turn-a-round en > bandwidth) of a link. I want to use it for a 1,5Mb connection. >Maybe interesting tidbit.. I have been using tinc to form a VPN between the Netherlands and Chile (traceroute tells there are 24hops between the hosts). Often both hosts have their network connections loaded and still tinc continues to provide a workable VPN. For the ping times between these two hosts (around 1second) the overhead of tinc is not noticeable. The only config change needed was to set a PingTimeout of 20 secs. 5secs is sometimes too soon. Marijn. -- Marijn Vriens <marijn@sanity.dhs.org> GPG/PGP: 6895 DF03 73E1 F671 C61D 45F4 5E83 8571 C529 5C15 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010213/5d3c6ffa/attachment.pgp
Thanks for all the answers! My problem is not the speed of tinc I see, but the speed of the internet. If I run the vpn over one provider for example UUnet in Holland, it is possible to get a 2Mb connection. When I try to ping to Germany it cost a 40/50 ms (that is the turn-a-round of a 64k link ;-( ) The question for me is to order a 2Mb line or to vpn 2Mb over the internet, the vps is the cheapest ;-) Regards Fred Marijn Vriens <marijn@sanity.dhs.org> on 13-02-2001 12:38:49 Please respond to tinc@nl.linux.org To: tinc@nl.linux.org cc: (bcc: Fred Krom/DEV/ICT) Subject: Re: Performance VPN over the internet On Mon, Feb 12, 2001 at 02:49:48PM +0100, Fred.Krom@ict.nl wrote:> > > Hi 'tinc users' > > I'm new whit tinc and this mail-list. > I like to build a vpn over the internet between two sites in Holland and > Germany. Are there some experience whit the performance (turn-a-round en > bandwidth) of a link. I want to use it for a 1,5Mb connection. >Maybe interesting tidbit.. I have been using tinc to form a VPN between the Netherlands and Chile (traceroute tells there are 24hops between the hosts). Often both hosts have their network connections loaded and still tinc continues to provide a workable VPN. For the ping times between these two hosts (around 1second) the overhead of tinc is not noticeable. The only config change needed was to set a PingTimeout of 20 secs. 5secs is sometimes too soon. Marijn. -- Marijn Vriens <marijn@sanity.dhs.org> GPG/PGP: 6895 DF03 73E1 F671 C61D 45F4 5E83 8571 C529 5C15 -------------- next part -------------- A non-text attachment was scrubbed... Name: att1.unk Type: application/octet-stream Size: 242 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010213/a03c6fb6/att1.obj