Hi
I use a OpenVPN service on the internet that provides high bandwith
connections. At home i have an uncongested 100/100 mbit/s link. I have no
problems pushing 90+ mbit/s in both directions to the VPN provider.
The OpenVPN client I use is the one in Debian Wheezy. I use policy routing
and iptables to route the wanted traffic into the tunnel. The tunnel is
running on UDP and I use routed tun-interfaces and aes256 encryption. The
routing of traffic works as intended.
However, I have noticed that I get a lot of dropped packets on tx when
output is high (5-90 mbit/s). This is regardless of actual load on the WAN
interface. Even if there is 90 mbit/s available on the wan interface the
packets are dropped on the tunnel interface.
If I create a HTB shaper on the tunnel interface, limiting it to 80 mbit/s
upload the packet drops stop as long as I am not loading the WAN interface,
even when running at full 80 mbit/s in the VPN-tunnel.
I don't understand why openvpn drops packets on TX on low transfers rates
when there is an abundance of bandwith available on the actual underlying
interface but when I am shaping it to 80 mbit/s (even if the traffic is
only 5 mbit/s) it works nicely even at 80 mbit/s.
I do run tc-shaping with HTB set to 102 mbit/s upload on the physical
interface. Neither the physical WAN-interface or the fq_codel queues in the
HTB classes have a single dropped packet, only the tunnel-interface.
This seems almost like a timing issue. It is as if openvpn is creating
packets in bursts faster than the output interface is sending packets
regardless of the actual available bandwith. There is probably some
queue/buffer that is too short somewhere between the tunnel-interface and
the physical interface.
Verbose 7 logging produced absolutely no messages about dropping packets or
other misbehaviour that I could see.
I tried increasing txqueuelen to 1000 but that had no effect.
Any ideas, or is this normal behaviour?
Best Regards,
*Hans-Kristian Bakke*
------------------------------------------------------------------------------
Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
