Improve overlay network performance with Null encryption (at the expense of security)?

Hey folks, I’m pretty new to Rancher but I’m a big fan…

I’ve been doing some simple performance testing and noticed a gap between basic docker networking and the Rancher overlay network and my initial thought are that it’s down to the overhead of IPsec.

Are there any tricks to tweak the Rancher managed network for improved performance? Has anyone looked at using NULL encryption with openswan to reduce the CPU load / interrupts? Obvious there’s a security concern here but then encryption may not always be the primary consideration between hosts in a private network.

I’m happy to investigate this further if the idea has merit or maybe it’s a really bad idea and there’s a better solution on the roadmap. Thoughts?

Thanks for the great product,

1 Like

I thinks rancher should have an option to not use encryption between hosts. Some of us are using rancher on private networks where this would be acceptable.

1 Like