raspberry pi

few days ago, after 19 weeks of waiting, i have finally received my raspberry pi.

my raspberry pi

raspbian feels incredibly familiar, after all it’s just debian. i’ve spent one evening trying the graphical part – checking different websites under midori [verdict: not really a desktop browsing experience, but good enough to connect it to 40″ flat screen and render some dashboards]; xbmc media player did not work for me [yet], but omxplayer did.

the next step – checking what use can i make of it in the networking world. one of potential use cases is router-on-a-stick and openvpn endpoint.

i have connected raspberry [raspberrypi] and some old pc running linux [pqd] into the same lan and run unscientific test using wget. i got:

2012-12-22 11:27:51 (11.2 MB/s) - `/dev/null' saved [94682416/94682416]

89Mbit/s for bulk traffic without encryption, that’s an order of magnitude more than i would transfer via it [having typical office router in mind attached to an ADSL line].

test of available bidirectional traffic checked with iperf gave me ~89Mbit/s down and ~30Mbit/s up.

i have configured openvpn to use simplest/least secure preshared key and run the same test via the encrypted tunnel having following configs:

pqd:~# cat /etc/openvpn/server.conf
dev tun3
ifconfig 10.8.0.1 10.8.0.2
secret static.key # key was generated by running openvpn --genkey --secret static.key
port 2011
proto udp
root@raspberrypi:/home/pi# cat /etc/openvpn/client.conf
dev tun3
ifconfig 10.8.0.2 10.8.0.1
secret static.key
port 2011
proto udp
remote 10.0.0.1

downloading the same file but via the vpn:

2012-12-22 11:39:45 (1.57 MB/s) - `/dev/null' saved [94682416/94682416]

12.5Mbit/s this time for bulk traffic via openvpn. let’s see what happens if we disable encryption by commenting out the secret line and adding:

cipher none
auth none

this time i got 24Mbit/s. so the price of additional round-trip kernel->userland[openvpn]->kernel is quite high – 89-24=65Mbit/s of the performance lost; encrypting the data gives additional hit of 11Mbit/s.

how about latency? pinging directly via ethernet gives me response times of ~0.5ms; via encrypted openvpn: 1.5ms; via unencrypted openvpn: ~1.2ms.

while playing with different configuration i’ve found Optimizing performance on gigabit networks article which goes much more into the details.

i’ve also tested tagged vlans. it ‘just worked’ – no surprises here.

Leave a Reply

Your email address will not be published. Required fields are marked *