OpenSSL cipher speed
OpenVPN uses OpenSSL to perform all cryptographic operations. This means that the performance of an OpenVPN client or server depends on how fast the incoming traffic can be decrypted and how fast the outgoing traffic can be encrypted. For a client with a single connection to the OpenVPN server, this is almost never an issue, but with an OpenVPN server with hundreds of clients, the cryptographic performance becomes very important.
In this recipe, we will show how to measure the performance of the OpenSSL cryptographic routines and how this measurement can be used to improve the performance of an OpenVPN server to which many clients connect.
Getting ready
This recipe is performed on a variety of computers:
A laptop with Intel Core2 Duo T9300 processor running at 2.5 GHz, running Fedora Linux 13 64bit
A server with Intel Xeon X5660 processor running at 2.8 GHz and with support for the AESNI instructions, running CentOS 5.5 64bit
An older desktop computer with an AMD XP 1800+...