Virtual private networks: an overview with performance evaluation

Virtual private networks have gained immense popularity among commercial and defense organizations because of their capability to provide secure connectivity at lower costs. Several commercial and open source VPN products are now available that can be configured to provide VPN services with varying characteristics. This article studies some of the most popular open-source Linux-based VPN solutions (OSLVs) and compares them with respect to network performance (measured in terms of overhead, bandwidth utilization, and latency/jitter), features and functionalities (e.g., algorithm plugins and routing), and operational concerns (defined by security and scalability). Our experiments suggest that there is no single OSLV solution that excels in all considered aspects, and a combination of different VPN products and/or trade-off among desired characteristics may be required to deliver optimal performance. Our experiments also suggest that on an average, OSLVs using UDP-based tunnels have 50 percent lower overhead, 80 percent higher bandwidth utilization, and 40-60 percent lower latency/jitter than those using TCP.