OpenVPN throughput: AES-128-CBC vs CHACHA20-POLY1305

RMerlin

Asuswrt-Merlin dev
iperf3 test running over an OpenVPN tunnel, comparing both ciphers. The server is running on an Asus RT-AC66U_B1 (which has no hardware-accelerated AES support), client was running on my laptop (connected over wifi). The iperf server was also running on the router itself, so it may slightly reduce its performance as well.

AES-128-CBC:
Code:
[email protected]:~$ iperf3 -c 192.168.50.1 -M 1400 -N -l 64K -t 10
Connecting to host 192.168.50.1, port 5201
[  5] local 172.31.205.238 port 36926 connected to 192.168.50.1 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec  4.70 MBytes  39.4 Mbits/sec    0    248 KBytes
[  5]   1.00-2.00   sec  4.57 MBytes  38.3 Mbits/sec    0    464 KBytes
[  5]   2.00-3.00   sec  4.88 MBytes  41.0 Mbits/sec    0    686 KBytes
[  5]   3.00-4.00   sec  5.00 MBytes  41.9 Mbits/sec    0    740 KBytes
[  5]   4.00-5.00   sec  3.75 MBytes  31.4 Mbits/sec    0    740 KBytes
[  5]   5.00-6.00   sec  4.38 MBytes  36.7 Mbits/sec    0    740 KBytes
[  5]   6.00-7.00   sec  4.38 MBytes  36.7 Mbits/sec    0    740 KBytes
[  5]   7.00-8.00   sec  3.75 MBytes  31.5 Mbits/sec    0    740 KBytes
[  5]   8.00-9.00   sec  4.38 MBytes  36.7 Mbits/sec    0    740 KBytes
[  5]   9.00-10.00  sec  4.38 MBytes  36.7 Mbits/sec    0    740 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  44.2 MBytes  37.0 Mbits/sec    0             sender
[  5]   0.00-10.16  sec  43.1 MBytes  35.6 Mbits/sec                  receiver

iperf Done.
CHACHA20-POLY1305:
Code:
[email protected]:~$ iperf3 -c 192.168.50.1 -M 1400 -N -l 64K -t 10
Connecting to host 192.168.50.1, port 5201
[  5] local 172.31.205.238 port 36930 connected to 192.168.50.1 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec  6.60 MBytes  55.4 Mbits/sec    0    439 KBytes
[  5]   1.00-2.00   sec  6.59 MBytes  55.3 Mbits/sec    0    733 KBytes
[  5]   2.00-3.00   sec  5.62 MBytes  47.2 Mbits/sec    0    758 KBytes
[  5]   3.00-4.00   sec  6.25 MBytes  52.5 Mbits/sec    0    758 KBytes
[  5]   4.00-5.00   sec  5.62 MBytes  47.2 Mbits/sec    0    758 KBytes
[  5]   5.00-6.00   sec  5.62 MBytes  47.2 Mbits/sec    0    758 KBytes
[  5]   6.00-7.00   sec  5.62 MBytes  47.2 Mbits/sec    0    758 KBytes
[  5]   7.00-8.00   sec  5.62 MBytes  47.2 Mbits/sec    0    758 KBytes
[  5]   8.00-9.00   sec  5.62 MBytes  47.2 Mbits/sec    0    758 KBytes
[  5]   9.00-10.00  sec  6.25 MBytes  52.4 Mbits/sec    0    758 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  59.4 MBytes  49.9 Mbits/sec    0             sender
[  5]   0.00-10.12  sec  58.2 MBytes  48.2 Mbits/sec                  receiver

iperf Done.
Quite notable performance difference

Connection details of the chacha20 session:

Code:
Sep 17 23:32:14 ovpn-server1[28161]: 192.168.10.232:7213 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 1024 bit RSA
Sep 17 23:32:14 ovpn-server1[28161]: 192.168.10.232:7213 [client] Peer Connection Initiated with [AF_INET6]::ffff:192.168.10.232:7213
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 MULTI: Learn: 10.8.0.2 -> client/192.168.10.232:7213
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 MULTI: primary virtual IP for client/192.168.10.232:7213: 10.8.0.2
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 Data Channel: using negotiated cipher 'AES-128-GCM'
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.50.0 255.255.255.0 vpn_gateway 500,route-gateway 10.8.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.8.0.2 255.255.255.0,peer-id 0,cipher AES-128-GCM' (status=1)
 
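OpenVPN logs the control-channel TLS suite and the data-channel cipher on separate lines, so before comparing cipher throughput it is worth confirming from the log which cipher each direction of the data channel actually initialized. The following is an added example, not part of the original post or of Asuswrt-Merlin; it parses the log format shown above, and the function names, the expected-cipher argument and the 2048-bit RSA threshold are assumptions of this example.

```python
import re

# Three lines copied from the session log in the post above.
SAMPLE_LOG = """\
Sep 17 23:32:14 ovpn-server1[28161]: 192.168.10.232:7213 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 1024 bit RSA
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Sep 17 23:32:14 ovpn-server1[28161]: client/192.168.10.232:7213 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
"""

PEER = r"(?P<peer>\d+\.\d+\.\d+\.\d+:\d+)"
# TLS handshake summary: protocol version, cipher suite, certificate key size.
CONTROL_RE = re.compile(
    PEER + r" Control Channel: (?P<tls>TLSv[\d.]+), cipher \S+ "
    r"(?P<suite>[^,\s]+), (?P<bits>\d+) bit (?P<key>\w+)")
# Per-direction cipher that actually encrypts the tunnelled packets.
DATA_RE = re.compile(
    PEER + r" (?P<dir>Outgoing|Incoming) Data Channel: "
    r"Cipher '(?P<cipher>[^']+)' initialized")

def summarize_sessions(log_text):
    """Map each peer (ip:port) to its control- and data-channel parameters."""
    sessions = {}
    for line in log_text.splitlines():
        if m := CONTROL_RE.search(line):
            s = sessions.setdefault(m["peer"], {"data": {}})
            s.update(tls=m["tls"], suite=m["suite"],
                     key_bits=int(m["bits"]), key_type=m["key"])
        elif m := DATA_RE.search(line):
            s = sessions.setdefault(m["peer"], {"data": {}})
            s["data"][m["dir"]] = m["cipher"]
    return sessions

def check_session(session, expected_cipher, min_rsa_bits=2048):
    """List mismatches against the cipher under test (threshold is assumed)."""
    findings = []
    for direction in ("Outgoing", "Incoming"):
        actual = session["data"].get(direction, "(not logged)")
        if actual.upper() != expected_cipher.upper():
            findings.append(f"{direction} data channel: {actual}, expected {expected_cipher}")
    if session.get("key_type") == "RSA" and session["key_bits"] < min_rsa_bits:
        findings.append(f"control channel key is {session['key_bits']} bit RSA (< {min_rsa_bits})")
    return findings

if __name__ == "__main__":
    for peer, sess in summarize_sessions(SAMPLE_LOG).items():
        print(peer, sess, check_session(sess, "CHACHA20-POLY1305"))
```

The regular expressions match only the log wording shown in this thread; other OpenVPN versions may phrase these lines differently.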

heysoundude

Very Senior Member
Notable, significant... the people following WireGuard aren't surprised: they've been using ChaCha20 & Poly1305 for some time now.

This is in conjunction with the v386 firmware you're working on?
If so, does that possibly mean what Asus has coming down the pipe on the hardware side (WiFi6e) might run with k5.x or higher?
 

RMerlin

Asuswrt-Merlin dev
"Notable, significant... the people following WireGuard aren't surprised: they've been using ChaCha20 & Poly1305 for some time now."
However this is in the context where you have no hardware-accelerated AES. On a more modern router with it, you would get better performance/lower CPU load using AES rather than Chacha20.

"This is in conjunction with the v386 firmware you're working on?"
Yes, I merged OpenVPN 2.5 beta so I could begin work on supporting it.

"If so, does that possibly mean what Asus has coming down the pipe on the hardware side (WiFi6e) might run with k5.x or higher?"
Totally unrelated, this is all userspace stuff, and entirely my own work. And a kernel upgrade is not gonna happen, unless the SoC manufacturer actually does. Asus merely reuses what Qualcomm/Broadcom uses as part of their SDK, it's not Asus's decision to make.

I wouldn't expect to see a 5.x kernel appear in a router for a good 2-4 years, if not more. The latest Broadcom stuff as of this year is still on 4.1.51.
 
