LinuxQuestions.org


psycroptic 02-23-2013 02:04 PM

PLEASE help with continuing random openvpn speed drops
 
i've posted 3 or 4 posts on this forum about this issue and have gotten no resolution on this issue. *sigh*

i have a comcast business connection on which my openvpn server resided. it is 50mbps DOWN and 10mbps UP. This connection is extremely reliable and full-speed for all other services (http, ftp, etc) that I have tested. however, when I connect over openvpn from any remote location, the speed seems abnormally slow - as in, transfers FROM the VPN server or network UP TO wherever I am do not even come CLOSE to the 10mbps that every other service seems to be able to max out just fine. it appears to be completely random; sometimes it's full speed, sometimes it's half, sometimes it's 1/4. Over my phone's 4G LTE wifi hotspot feature i've actually seen it under 1 mbps! like, ISDN speeds

wherever I am at the remote spot and do a speedtest WITHOUT the vpn, speeds are normal (15mbps, 25mbps down for example on a cable connection at the remote location). but when I launch the VPN client, speeds immediately slow down. I am the only one using the network at the VPN side, and very often I am the only one connecting from the client side. connection type does not matter; wifi or ethernet.

the server is Arch Linux with a 3.7 kernel and openvpn 2.3; it is the router for the LAN. Client is windows 7 64-bit with openvpn 2.3.

i have:

-disabled CPU throttling, WMM and QoS on the win7 client
-tried mssfix and fragment number ranging from 1000 to 1499 in various intervals - this seemed to have NO effect
-tried no-replay
-completely replaced the router/server hardware, the cable modem on the server side, and all cabling and switch
-disconnected everything from the server LAN so that the server is the only device

nothing seems to change this speed issue. once again it seems completely random, sometimes it's slow sometimes it's fast. as i said, the issue seems to be only the openvpn; when the speed is slow on the connection, i will sometimes temporarily enable a basic http server, get off the VPN and try downloading a file using plain http; this ALWAYS works at full speed.

server config:

Code:

port 1194
proto udp
dev tun
fragment 1428
mssfix 1428
no-replay
crl-verify crl.pem

ca /etc/openvpn/ca.crt
cert /etc/openvpn/pLAN9-VPN.crt
key /etc/openvpn/pLAN9-VPN.key
dh /etc/openvpn/dh1024.pem

server 10.11.12.0 255.255.255.0
ifconfig-pool-persist ipp.txt
route 10.11.12.0 255.255.255.0

push "route 172.16.0.0 255.255.0.0"
push "route 10.172.172.0 255.255.255.0"
push "route 192.168.192.0 255.255.255.0"
push "redirect-gateway def1"

client-to-client
keepalive 10 120
tls-auth /etc/openvpn/ta.key 0
cipher AES-128-CBC

user nobody
group nobody

persist-key
persist-tun

status openvpn-status.log

verb 4
reneg-sec 10800

client config:

Code:

client
dev tun
port 1194
proto udp
fragment 1428
mssfix 1428
no-replay

dev-node OPENVPN
remote xx.xx.xx.xx

resolv-retry infinite
nobind
persist-key
persist-tun

ca "C:\\Program Files (x86)\\OpenVPN\\config\\pLAN9\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\pLAN9\\pLAN9-Laptop.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\pLAN9\\pLAN9-Laptop.key"

ns-cert-type server
tls-auth "C:\\Program Files (x86)\\OpenVPN\\config\\pLAN9\\ta.key" 1
cipher AES-128-CBC

verb 3
reneg-sec 10800

a screenshot from speedtest while on the vpn. notice that the download is actually SLOWER than the upload (craziness!) this was done on a comcast business connection over wifi with full signal strength and line of sight to the WAP. normal speeds without the vpn were 15mbps DOWN and 5mbps UP:
http://s14.postimage.org/hicctpow1/speed.png

is there ANYTHING else I can try here? i'm getting close to giving up...

maxut 02-24-2013 02:12 PM

what is the hardware?

if i were u, i would disable Encryption algorithm ("cipher AES-128-CBC" in config) then check the speed again...

good luck

psycroptic 02-24-2013 02:14 PM

router is an intel sandy bridge motherboard w/core i3 3.3GHz, 4GB DDR3 1333. I would think this would be enough?

also, wouldn't disabling the encryption essentially have my traffic going clear-text over the internet? that doesn't sound good...

psycroptic 02-24-2013 03:47 PM

i've attached another speedtest image, done approximately a day later than the other. I am in the exact same location (restaurant wifi, AFAICT the only user). Speeds are normal this time. WTF?? NOTHING has changed about the setup at all, and i'm sure it'll go back down tomorrow...

any ideas?

psycroptic 02-24-2013 07:44 PM

btw, tried cipher disabling and connected to my neighbor's wifi (comcast residential 25/3) and still have the same problem :(

i don't get why i see specs for openvpn running on el cheapo routers (sub-1GHz processors, 64MB RAM) and getting 20+ megabits, while i'm struggling to get 10m from what I would consider to be pretty massive hardware for just a router and vpn box....
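
Added example (not part of the thread and not written by either poster): a small Python check for the directives that were loosened while troubleshooting here, `no-replay` in the first post's configs and the disabled cipher tried above, so they can be found and reverted once the speed problem is isolated. The function names, the rule set and the sample configs are constructed for this example; the DH size is only guessed from the file name.

```python
import re

# Constructed samples built from directives seen in this thread; the client's
# fragment value and the server's "cipher none" are made up for the demo.
SAMPLE_SERVER = """proto udp
fragment 1428
mssfix 1428
no-replay
dh /etc/openvpn/dh1024.pem
cipher none
"""
SAMPLE_CLIENT = """proto udp
fragment 1400
no-replay
ns-cert-type server
cipher AES-128-CBC
"""
LOST = {"cipher": "encryption", "auth": "packet authentication"}

def parse(text):
    """Return {directive: [args]}; lines starting with # or ; are comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;":
            name, *args = line.split()
            conf[name] = args
    return conf

def audit(conf):
    """List directives that weaken the tunnel (hypothetical rule set)."""
    findings = []
    if "no-replay" in conf:
        findings.append("no-replay: replay protection disabled")
    for opt in ("cipher", "auth"):
        if (conf.get(opt) or [""])[0].lower() == "none":
            findings.append(f"{opt} none: tunnel loses {LOST[opt]}")
    # Heuristic: infer the DH size from the file name (e.g. dh1024.pem).
    m = re.search(r"dh(\d+)", " ".join(conf.get("dh", [])))
    if m and int(m.group(1)) < 2048:
        findings.append(f"dh: {m.group(1)}-bit parameters, use 2048 or more")
    if "ns-cert-type" in conf:
        findings.append("ns-cert-type: deprecated, use remote-cert-tls")
    return findings

def mismatches(server, client, keys=("proto", "fragment", "cipher")):
    """Directives that must be identical on both ends but differ."""
    return [k for k in keys if server.get(k) != client.get(k)]

if __name__ == "__main__":
    srv, cli = parse(SAMPLE_SERVER), parse(SAMPLE_CLIENT)
    print(audit(srv), audit(cli), mismatches(srv, cli), sep="\n")
```
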

maxut 02-25-2013 07:18 AM

have a look :
https://community.openvpn.net/openvp...Networks_Linux

You can buy a "SSL accelerator card" (not expensive), instead of buying el cheapo router.
1GHz cpu doesn't look good for encryption. those routers may have those cards inside, i don't know.

I use pfSense as gateway, i will test openvpn and ipsec tonight and let u know the results.

good luck

psycroptic 02-25-2013 03:32 PM

but as i said, the cpu in the vpn box is a 3.3ghz i3.... are you saying this is still too slow of a cpu to allow for even a 10 megabit connection? if so, then it seems openvpn is pretty poor as far as performance is concerned... i've seen those cards before, but is it really necessary with such a high-speed CPU?

maxut 02-26-2013 04:08 AM

I just wanted to say that u had an option with those cards.

I have tested openvpn with static.key, between france datacenter and istanbul office. i have 20Mbit download at office. Openvpn worked as i expected at 20Mbit. i have downloaded file with 2.2Mbyte/s. i had same values via direct connect.
server has i5 cpu with 16Gig ram, client has i3-3240 with 8 gb ram.

Both of them are ubuntu 12.04.1, (server and desktop releases).

config files:
/etc/openvpn/client.conf
Code:

remote server.ip.address
dev tun
ifconfig 10.80.10.2 10.80.10.1
secret static.key
cipher AES-128-CBC

/etc/openvpn/server.conf
Code:

dev tun
ifconfig 10.80.10.1 10.80.10.2
secret /etc/openvpn/static.key
cipher AES-128-CBC

it works perfectly linux to linux. maybe something wrong with windows side, i dont know.
Can u test it with simple (static.key) config?

psycroptic 02-26-2013 03:39 PM

so updates. i did a local test using iperf over the vpn connection just inside the local lan. This is a gigabit lan through a cisco 8-port switch. Un-vpn'd speeds are around 941mbps. with the vpn it maxes out at around 70 megs. still doesn't explain why i can't get 10 over the internet.

but more to the point, i've more or less narrowed it down to a wifi-only problem (i usually am connecting through wifi on the win7 laptop.) all of the hardline ethernet speeds actually seem consistent. i guess vpns have a hard time with wifi?

i'll try the simpler config you mentioned when i get off work today.

maxut 02-26-2013 06:27 PM

You are right.

i have just tested openvpn via wi-fi connection. client was win7 32bit, server was ubuntu 12.04 in datacenter..
i checked bandwidth via speedtest.net site and i noticed that wi-fi didn't offer stable connection speed even though my AP was very powerful. i repeated test several times, max download was 22mbit, upload was 5mbit (max bandwidth of my internet connection).. most of the time i reached the max bandwidth but sometimes it just showed only 5mbit download and 4.5mbit upload.

psycroptic 02-26-2013 09:40 PM

so it seems. in any case, i would guess this is fairly directly related to the tx power of the AP, as well as RF interference.

thanks for all the help. I'll mark this as solved, even though i'm not sure it's exactly solvable...

