Recently I was setting up DRBD (in short: “block devices designed as a building block to form high availability (HA) clusters”) between two data centers.
DRBD doesn’t apply any form of compression on the data that is replicated; is it a good idea to enable compression in the VPN link if you replicate your data with DRBD over Internet? Here is a quick test.
I used OpenVPN with its lzo compression to test it, as it is easy to set up and to get the results.
tun0 interface is the “compressed” link; it shows the amount of data sent between two DRBD servers.
bond0 is the real network interface; as the underlying tun0 link sends data in compressed form, this one shows the real traffic.
As you can see by looking at “total” column, OpenVPN lzo compression saves us more than 50% of traffic. Not bad. I wonder how does IPsec’s IPcomp compare to OpenVPN’s lzo?
What was tested: a couple of virtual machines (Linux on Xen and Windows on VMware) with their block devices placed on LVM; LVM was placed on DRBD.
Note that “tx” for bond0 is bigger than “tx” for tun0; it is because DRBD server was exchanging data with other machines in LAN as well (backups etc.).
Compressing the link between two DRBD machines make sense over a WAN interface only (if you have to pay for the amount of data transferred, the link is too slow, or both); it doesn’t make much sense locally if you have 1 Gbit network or better.