i've posted 3 or 4 posts on this forum about this issue and have gotten no resolution on this issue. *sigh*
i have a comcast business connection on which my openvpn server resided. it is 50mbps DOWN and 10mbps UP. This connection is extremely reliable and full-speed for all other services (http, ftp, etc) that I have tested. however, when I connect over openvpn from any remote location, the speed seems abnormally slow - as in, transfers FROM the VPN server or network UP TO wherever I am does not even come CLOSE to the 10mbps that every other service seems to be able to max out just fine. it appears to be completely random; sometimes its full speed, sometimes its half, someetimes its 1/4. Over my phone's 4G LTE wifi hotspot feature i've actually seen it under 1 mbps! like, ISDN speeds
wherever I am at the remote spot and do a speedtest WITHOUT the vpn, speeds are normal (15mbps, 25mbps down for example on a cable connection at the remote location). but when I launch the VPN client, speeds immediately slow down. I am the only one using the network at the VPN side, and very often I am the only one connecting from the client side. connection type does not matter; wifi or ethernet.
the server is Arch Linux with a 3.7 kernel and openvpn 2.3; it is the router for the LAN. Client is windows 7 64-bit with openvpn 2.3.
i have:
-disable CPU throttling, WMM and QoS on the win7 client
-tried mssfix and fragment number ranging from 1000 to 1499 in various intervals - this seemed to have NO effect
-tried no-replay
-completely replaced the router/server hardware, the cable modem on the server side, and all cabling and switch
-disconnected everything from the server LAN so that the server is the only device
nothing seems to change this speed issue. once again it seems completely random, sometimes its slow sometimes its fast. as i said, the issue seems to be only the openvpn; when the speed is slow on the connection, i will sometimes temporarily enable a basic http server, get off the VPN and try downloading a file using plain http; this ALWAYS works at full speed.
server config:
Code:
port 1194
proto udp
dev tun
fragment 1428
mssfix 1428
no-replay
crl-verify crl.pem
ca /etc/openvpn/ca.crt
cert /etc/openvpn/pLAN9-VPN.crt
key /etc/openvpn/pLAN9-VPN.key
dh /etc/openvpn/dh1024.pem
server 10.11.12.0 255.255.255.0
ifconfig-pool-persist ipp.txt
route 10.11.12.0 255.255.255.0
push "route 172.16.0.0 255.255.0.0"
push "route 10.172.172.0 255.255.255.0"
push "route 192.168.192.0 255.255.255.0"
push "redirect-gateway def1"
client-to-client
keepalive 10 120
tls-auth /etc/openvpn/ta.key 0
cipher AES-128-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 4
reneg-sec 10800
client config:
Code:
client
dev tun
port 1194
proto udp
fragment 1428
mssfix 1428
no-replay
dev-node OPENVPN
remote xx.xx.xx.xx
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files (x86)\\OpenVPN\\config\\pLAN9\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\pLAN9\\pLAN9-Laptop.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\pLAN9\\pLAN9-Laptop.key"
ns-cert-type server
tls-auth "C:\\Program Files (x86)\\OpenVPN\\config\\pLAN9\\ta.key" 1
cipher AES-128-CBC
verb 3
reneg-sec 10800
a screenshot from speedtest while on the vpn. notice that the download is actually SLOWER than the upload (craziness!) this was done on a comcast business connection over wifi with full signal strength and line of sight to the WAP. normal speeds without the vpn were 15mbps DOWN and 5mbps UP:
http://s14.postimage.org/hicctpow1/speed.png
is there ANYTHING else I can try here? i'm getting close to giving up...