Hello,
I'm running OpenWRT OpenWrt 19.07.0 on top of KVM with a x86_64 server. OpenWRT sees the real CPU and AES instructions are available. The CPU is a XEON. However, with only one client, I can't get more than 2MB/s. OpenVPN server CPU is 100%. I guess AES instructions are not used.
I already read https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators and did try to build modules but it didn't help. I understood later hardware acceleration is already available so I don't understand this poor speed.
I don't have /dev/crypto so I guess it's my issue.
How to improve speed ?
Thanks
config openvpn 'server'
option port '1194'
option proto 'udp'
option dev 'tun0'
option dh '/etc/easy-rsa/pki/dh.pem'
option ca '/etc/easy-rsa/pki/ca.crt'
option key '/etc/easy-rsa/pki/private/server.key'
option keepalive '10 60'
option cert '/etc/easy-rsa/pki/issued/server.crt'
option compress 'lz4-v2'
option verb '11'
option enabled '1'
option client_to_client '1'
option tls_crypt '/etc/easy-rsa/pki/tc.pem'
option ifconfig_pool_persist '/tmp/ipp.txt'
option persist_key '1'
option persist_tun '1'
option topology 'subnet'
option server '10.5.5.0 255.255.255.0'
list push 'dhcp-option DNS 10.5.5.1'
list push 'dhcp-option DOMAIN example.lan'
list push 'route 192.168.5.0 255.255.255.0'
list push 'topology subnet'