Could my nexus be slowing down UDP traffic?

I have a pair of 5010 switches. On the switch is an OpenVPN server (That can operate in UDP or TCP mode) and a Juniper VPN appliance. We experience the same problem with both VPNs.

We connect to this VPN to access secure network segments, it's all high speed 1GB+ local area network.

How to produce the problem:

* Connect to either VPN in UDP mode.

* Start pinging a a machine through the VPN.

* Copy a large file from workstation to another server behind VPN.

     * Watch pings go from 1ms to 50-125ms, including MANY dropped packets. (Probably 5-10 percent loss)

     * CPU utilization on the OpenVPN server is low, about 20 percent.

     * File transfer speed is ~5 to 6 mb/sec.

Now, switch OpenVPN over to TCP mode (which I would expect to be much slower, especially on high speed reliable networks) and repeat.

     * Ping times stay sub 12ms and there are no dropped packets.

     * CPU on OpenVPN box is 100 percent.

     * File transfer speed.... 22 mb/sec!

I haven't taken the time to switch the Juniper VPN to TCP mode, it's kind of time consuming and I'd rather skip it.

My firewall doesn't indicate anything abnormal or special going on and I want to rule out the Nexus if I can. 

EDIT: Don't know if this stuff matters, I'm not an expert, but I wanted to include it here.

class-map type qos class-fcoe

class-map type queuing class-all-flood

  match qos-group 2

class-map type queuing class-ip-multicast

  match qos-group 2

class-map type network-qos class-all-flood

  match qos-group 2

class-map type network-qos class-ip-multicast

  match qos-group 2

Reza Sharifi
Hall of Fame Expert

These commands are default QOS commands on all Nexus devices and don't have anything to do with slowness you are encountering.


OK... Is there *anything* else on a Nexus that could cause behaviour like this?