Issue:
VPN connectivity from RouterOS devices is extremely degraded on throughput.
This does not appear to have anything to do with the hardware type used and appears to be an issue with the OS itself.
I have extended the troubleshooting beyond just Mikrotik OS on both ends,
and have created connections to pfSense and Cisco ASA firewalls at one end with the same results.
(ie. Mikrotik OS <> pfSense IPSEC VPN || Mikrotik OS <> Cisco ASA IPSEC VPN)
Fix:
Unknown
Troubleshooting / Connectivity Overview:
SITE A (Primary Data Center)
-------------------------------------
Routerboard: CCR-1036-8G-2S+
RouterOS: v6.37
Internet Connection:
- Download: 10GB
- Upload: 10GB
SITE B (Corporate Office)
-------------------------------------
Routerboard: RB3011UiAS
RouterOS: v6.37
Internet Connection:
- Download: 100MB
- Upload: 10MB
SITE C (Secondary Data Center)
-------------------------------------
Routerboard: x86 - Dual Core 3.0GHz
RouterOS: v6.37
Internet Connection:
- Download: 1GB
- Upload: 1GB
VPN Connectivity Tests
-------------------------------------
SITE B <> SITE A
Tunnel Type: None - Direct Public to Public
Max Throughput: 100 Mbps / 10 Mbps
SITE B <> SITE A
Tunnel Type: IP-IP
Max Throughput: 32-35 Mbps
SITE B <> SITE A
Tunnel Type: GRE
Max Throughput: 32-35 Mbps
SITE B <> SITE A
Tunnel Type: IPSEC AES-256/SHA1
Max Throughput: 28 Mbps
SITE C <> SITE A
Tunnel Type: None - Direct Public to Public
Max Throughput: 1 Gbps / 1 Gbps
SITE C <> SITE A
Tunnel Type: IP-IP
Max Throughput: 32-35 Mbps
SITE C <> SITE A
Tunnel Type: GRE
Max Throughput: 32-35 Mbps
SITE C <> SITE A
Tunnel Type: IPSEC AES-256/SHA1
Max Throughput: 28 Mbps
SITE B <> SITE C
Tunnel Type: None - Direct Public to Public
Max Throughput: 100 Mbps / 10 Mbps
SITE B <> SITE C
Tunnel Type: IP-IP
Max Throughput: 32-35 Mbps
SITE B <> SITE C
Tunnel Type: GRE
Max Throughput: 32-35 Mbps
SITE B <> SITE C
Tunnel Type: IPSEC AES-256/SHA1
Max Throughput: 28 Mbps