Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1205
Views
0
Helpful
1
Replies

overhead of GRE/IPSEC tunnels

Go to solution
carl_townshend
Spotlight
Spotlight

‎02-03-2015 08:15 AM - edited ‎03-05-2019 12:42 AM

Hi all

I am doing some testing on our network

we have an MPLS WAN, we have sent traffic via the normal route, and the other via a GRE tunnel

we are using Appneta software, it seems via the GRE/IPSEC tunnel we have 40% less usable bandwidth on a 10Mbit link, whereas via the normal route we only lose about 5%

why would we get this much loss? and what causes the loss?

 

cheers

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎02-03-2015 09:29 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

A single MPLS label only adds 4 bytes, so you would lose that much, per packet to additional overhead.  If you're packets are minimal size, that lost 4 bytes will lose you about 6%, but if you packets are large (1500B), you'll only lose .27%.

GRE/IPSec adds, depending on configuration, around 60 to 80 bytes, per packet.  For minimal size packets, you're going to lose about half your bandwidth.  For large (1500B) packets, you'll lose about 5.3%.

Depending on how you measure throughput, GRE/IPSec can be adverse to traffic, because, unlike MPLS, its overhead reduces the maximum possible payload, which can result in IP fragmentation issues, which further increases bandwidth lost to overhead.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎02-03-2015 09:29 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

A single MPLS label only adds 4 bytes, so you would lose that much, per packet to additional overhead.  If you're packets are minimal size, that lost 4 bytes will lose you about 6%, but if you packets are large (1500B), you'll only lose .27%.

GRE/IPSec adds, depending on configuration, around 60 to 80 bytes, per packet.  For minimal size packets, you're going to lose about half your bandwidth.  For large (1500B) packets, you'll lose about 5.3%.

Depending on how you measure throughput, GRE/IPSec can be adverse to traffic, because, unlike MPLS, its overhead reduces the maximum possible payload, which can result in IP fragmentation issues, which further increases bandwidth lost to overhead.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card