site to site vpn download speed is limited

Question

We are having a site to site vpn connection using Customer gateway and Virtual private gateway.
We are using the VPN to perform a DR on Dell DDVE. we did replicate the machine from on premise to AWS. but when we try to restore the speed is very limited. we are using EC2 instance m5.xlarge

Replicating from on premise to AWS was using the full link speed 300 Mbps
while restoring from AWS to on-premise is only utilizing 7 Mbps

Although they are using the same VPN connection.

we have adjusted the MTU to 1460 as suggested by AWS and disabled Fragmentation but yet no difference.

Any suggestions why would this happen ?

Answer

Have you checked your internet connection download speed? Do you have speed limitations on your Internet link?

Answer

Hi Amr,

I can think of:

- Is the VPN connection terminated on a firewall, or going through a firewall? Your firewall performance and traffic inspection for Ingress traffic can be different from Egress traffic to your on-premise network. If so, will you be able to test bypassing that specific flow?
- Did this Tunnel have any records of performing downloads at higher speed than what is your case now? 
- Is the download done by the Dell machine part of recovery/restore operation? Is there any decryption/checksum operation taking up resources on CPU\Memory?
- Can you test the download speed over VPN using other operation from the same m5.xlarge instance to your machine?

Answer

Hello,

you need to check below thing.

1. Usage of your internet link, it might be chocked.
2. have you checked the server utilization , it may be some process causing issue.
3. what is the firewall interface capacity, you may have 10TB link but if firewall port is of 1 gig you will not get more than 1gig speed.
4. changing MTU may not help as change MTU size should be end to end, which is impossible to have over internet.

site to site vpn download speed is limited

Relevant content