Overhead on VPN IPSEC/L2TP host-to-lan

Home Page Forums Network Management VPN Overhead on VPN IPSEC/L2TP host-to-lan

This topic contains 1 reply, has 0 voices, and was last updated by  gabriele.db 7 years, 10 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #42953

    gabriele.db
    Member

    Hi there,
    i’m performing some tests on openvpn and IPSEC in order to have a comparation of the generatad overhead.
    First of all, i made some tests on OPENVPN, and i had no problems. I tested the overhead (control traffic) in a situation of no data traffic, changing the “keepalive” parameter.

    Then i worked on IPSEC. Let me give an explaination of the system:
    ZS is running on a machine working as gateway for a small subnet. The other side of the tunnel is a windows xp client.
    There is a router in the middle but there is no nat addres, so it shouldn’t be a problem…
    The tunell (with the X.509 certificates) is active and operational. The problem is the presence of a huge quantity of ESP packects when the two side are active but they are not sending anything.

    This is a fragment (30 seconds) of a “man in the middle” sniffer:

    1 0.000000 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    2 0.004433 10.10.30.2 10.10.20.123 ESP ESP (SPI=0x93f023b1)
    3 0.301163 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    7 2.986712 10.10.30.2 10.10.20.123 ESP ESP (SPI=0x93f023b1)
    8 2.987694 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    13 6.235851 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    17 10.985274 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    18 10.985370 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    19 11.009817 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    20 11.014303 10.10.30.2 10.10.20.123 ESP ESP (SPI=0x93f023b1)
    21 11.734983 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    22 12.484941 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    23 14.898118 10.10.30.2 10.10.20.123 ESP ESP (SPI=0x93f023b1)
    24 14.898591 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    25 15.235018 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    26 15.235170 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    27 15.984845 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    28 16.734857 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    29 17.363901 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    31 17.985975 10.10.30.2 10.10.20.123 ESP ESP (SPI=0x93f023b1)
    32 17.986848 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    33 19.485059 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    34 19.485172 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    35 20.235015 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    36 20.317955 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    38 20.984875 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    39 22.008139 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    40 22.012663 10.10.30.2 10.10.20.123 ESP ESP (SPI=0x93f023b1)
    41 26.252611 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)
    43 30.265153 10.10.20.123 10.10.30.2 ESP ESP (SPI=0x0cc4f0e7)

    In 360 seconds of connection i have 30000 Bytes of ESP packets…
    Any idea about this packets exchange?
    I opened the ZS shell for look at the racoon.conf, but i didn’t find any parameter about this issue.

    Thanks for your help.
    Gabriele

    PS: I do my apologize for my English! 😉

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.