by hultner 3028 days ago
Is there by any chance a speed comparison against IPSec (IKEv2) i.e. strongSwan with AES-NI?

I haven’t used OpenVPN in many years, so such a comparison would be much more interesting.

3 comments

From experience I can tell you that IPSec is much faster than OpenVPN.

I have no issues getting Gbit over IPSec (Strongswan), but with OpenVPN I always maxed out around ~400Mbit.

EDIT: Looks like I misunderstood your comment and it seems like you want a comparison to Wireguard... oops

Yeah that’s my experience as well. That’s why I wanted a comparison. My router at home easily handles gigabit over IPSec even though the CPU is at least 8 years old.

It's extremely fast, the benchmarks I've seen show that it's even faster than the IPSec config you describe.

> the benchmarks I've seen

I think GP was asking for links to that, able to share?

There are some benchmarks here https://www.wireguard.com/performance/

Preliminary benchmarks are available on the website.

https://www.wireguard.com/performance/

EDIT: Note these are obviously for the reference implementation, not TunSafe.

Interesting, haven’t run IPSec under Linux, is this expected performance?

Seems rather low compared to what I’ve experienced under FreeBSD. An i7 Ivy Bridge & Broadwell should be at least comparable to my almost decade-old Nehalem-EP Xeon, shouldn’t it?

Well, there are a few mitigating factors.

First, these are the mobile variants of the CPUs, which are usually slower than their desktop counterparts out of the box, and clock lower more often due to thermal management kicking in a lot, too.

Secondly, a gigabit network card was used, which sets a low ceiling for the benchmark.

Thirdly, these were results averaged over 30 minutes (which again may cause heat issues in some laptops), not burst performance; I doubt OpenVPN would even register on a graph of burst performance of, say, 3 seconds.

Lastly, from what I hear, the Linux IPsec stack is a lot more complicated than is typical. Granted, they're all complicated, but still ...