@blackbox I made the changes, but the application I use only works on weekdays. I will test it during the week.
The website below helped me too: Devcrypto Openssl on Openwrt - Unix & Linux Stack Exchange
Flint 2 OpenVPN speed is around 190Mbps maximum. Maybe the network throughput or the OpenVPN server is the limitation.
I’ve learned that the hardware engine doesn’t gain much performance boost.
Because it needs a driver and OpenVPN must do a context switch to handle packets. I fail to find the source link.
1 Like
Does this only apply to AES or also CHACHA20-POLY1305?
190Mbps is the result of aes-256-gcm, chacha20-poly1305 is usally faster than that.
1 Like
ChaCha20-Poly1305 is used for WG. The Flint-v2 is GL’s best device for WG performance (900 Mbps advertised).
1 Like
But OpenVPN also supports CHACHA20-POLY1305 for a long time already. So its up to the OpenVPN provider you use.
1 Like
I’ll take your word for it. I don’t like the premise of a single threaded proc for a VPN regardless of the ciphers.
1 Like
CHACHA20-POLY1305 is supported by OpenVPN. My old Asus RT-AC68U which didn’t support AES was about 15% faster when using CHACHA20-POLY1305 over AES-128-GCM with a top speed of ~80 Mbps. FWIW my RT-AC86U did support AES and would do ~220 Mbps using AES-128-GCM.
Could you make this comparison with the MT6000?
Just a heads up: that’s not a fair comparison as AES-128 isn’t a PQC cipher. Update your threat model accordingly. You’d have to bench AES-256 v ChaCha20-Poly1305.