APM network access performance issue (Wireshark help)

We've setup a network access to establish VPN connections for one of our clients. Connecting to the tunnel is fine, but we are facing performance issues. In general we are talking about a degradation in throughput of around 50%. For example with a DSL 16000, which connects with around 13000Mbit we reach around 11000Mbit with any kind of speedtest. Performing this test through the VPN tunnel gives us only around 6000Mbit. What we see in a tcpdump taken directly on the client, that without VPN a large download will be transferred with constant pakets of around 1500, but with VPN a "large" paket will be followed by one or more very small pakets, which then in combination with the RTT of the WAN results in the performance issue.

 

 

As I'm not that perfect TCP and Wireshark expert, I'd like to ask you if someone can point me in the right direction, what might be the reason for the seen behavior.

 

FYI, this is running on a BIG-IP 4000s with 11.5.4 HF1. We also raise a ticket with F5 and had a consultant checking our setup. He confirmed, that it generally looks fine and that it might be better with different options like adjusted TCP-profiles. We already tried this, but the behavior is still the same. We also already using DTLS, which helps a little bit, but it's still not acceptable. If you need any further information, please let me know.

 

But currently I'm "only" looking for some help in interpreting the Wireshark output.

 

Thank you!

 

Ciao Stefan :)