site to site vpn download speed is limited

0

We are having a site to site vpn connection using Customer gateway and Virtual private gateway. We are using the VPN to perform a DR on Dell DDVE. we did replicate the machine from on premise to AWS. but when we try to restore the speed is very limited. we are using EC2 instance m5.xlarge

Replicating from on premise to AWS was using the full link speed 300 Mbps while restoring from AWS to on-premise is only utilizing 7 Mbps

Although they are using the same VPN connection.

we have adjusted the MTU to 1460 as suggested by AWS and disabled Fragmentation but yet no difference.

Any suggestions why would this happen ?

질문됨 일 년 전264회 조회
3개 답변
0

Have you checked your internet connection download speed? Do you have speed limitations on your Internet link?

profile picture
전문가
답변함 일 년 전
  • Yes, besides the VPN, the speed is ok. Download or upload on the ec2 instance is using the full bandwidth.

0

Hi Amr,

I can think of:

  • Is the VPN connection terminated on a firewall, or going through a firewall? Your firewall performance and traffic inspection for Ingress traffic can be different from Egress traffic to your on-premise network. If so, will you be able to test bypassing that specific flow?
  • Did this Tunnel have any records of performing downloads at higher speed than what is your case now?
  • Is the download done by the Dell machine part of recovery/restore operation? Is there any decryption/checksum operation taking up resources on CPU\Memory?
  • Can you test the download speed over VPN using other operation from the same m5.xlarge instance to your machine?
profile pictureAWS
전문가
AmerO
답변함 일 년 전
0

Hello,

you need to check below thing.

  1. Usage of your internet link, it might be chocked.
  2. have you checked the server utilization , it may be some process causing issue.
  3. what is the firewall interface capacity, you may have 10TB link but if firewall port is of 1 gig you will not get more than 1gig speed.
  4. changing MTU may not help as change MTU size should be end to end, which is impossible to have over internet.
Sachin
답변함 일 년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠