On 12/02/22 21:49, Bo Berglund wrote:
On Sat, 12 Feb 2022 19:54:20 , tincantech via Openvpn-users
<openvpn-users@lists.sourceforge.net> wrote:
regarding your bottleneck, try iperf3 without the VPN but across the real
internet.
Hm,
That would entail having a way to enter my home LAN in a similar way as with
VPN, right?
I do have a few DDNS domain names pointing to my router's external address
already, so I could add a new port forward for a not so common port
(temporarily).
If I set up a port forward for such a port to the local server I guess I can
then use iperf3 to make a connection and check speed while bypassing the OpenVPN
encryption bottleneck.
a port forward to an IP address is all that iperf/iperf3 need; I would
test it with both iperf (v2.0) and iperf3, as they sometimes give
entirely different results.
Another thing to try is to temporarily disable encryption in OpenVPN -
with v2.3 and 2.4 that was still possible by adding
cipher none
ncp-disable ## v2.4+ only
to the configurations.
What I'd test with iperf is
iperf client ----> home IP, port 40000 -> forward to server LAN IP,
iperf running at port 40000
then
iperf client ----> vpn IP, port 40000 -> forward to server VPN IP,
iperf running at port 40000, no ciphers
and finally
iperf client ----> vpn IP, port 40000 -> forward to server VPN IP,
iperf running at port 40000
that way you can deduce the exact overhead of OpenVPN itself versus the
encryption.
Finally, also try playing with the option fragment on both client and
server configs, e.g.
fragment 1400
mssfix
or perhaps
fragment 0
mssfix
as that can help with performance as well.
HTH,
JJK
Like doing this with port 33456 forwarded by the router to the OpenVPN server:
Server:
iperf3 -s -p 33456 -1 -f K
Client:
iperf3 -c <my ddns domain> -p 33456 -f K
--------- So I tried that: --------------
$ iperf3 -c xxxx.boberglund.com -p 33456 -f K
Connecting to host xxxx.boberglund.com, port 33456
[ 5] local 192.168.117.251 port 55484 connected to 158.174.1xx.1yy port 33456
[ ID] Interval Transfer Bitrate Retr Cwnd
[ 5] 0.00-1.00 sec 2.40 MBytes 2456 KBytes/sec 50 7.07 KBytes
[ 5] 1.00-2.00 sec 1.43 MBytes 1459 KBytes/sec 34 5.66 KBytes
[ 5] 2.00-3.00 sec 1.25 MBytes 1277 KBytes/sec 39 7.07 KBytes
[ 5] 3.00-4.00 sec 1.07 MBytes 1094 KBytes/sec 35 4.24 KBytes
[ 5] 4.00-5.00 sec 1.43 MBytes 1460 KBytes/sec 29 9.90 KBytes
[ 5] 5.00-6.00 sec 912 KBytes 912 KBytes/sec 34 1.41 KBytes
[ 5] 6.00-7.00 sec 1.07 MBytes 1095 KBytes/sec 33 5.66 KBytes
[ 5] 7.00-8.00 sec 1.25 MBytes 1277 KBytes/sec 39 9.90 KBytes
[ 5] 8.00-9.00 sec 1.43 MBytes 1459 KBytes/sec 42 4.24 KBytes
[ 5] 9.00-10.00 sec 1.25 MBytes 1277 KBytes/sec 37 4.24 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.00 sec 13.4 MBytes 1377 KBytes/sec 372 sender
[ 5] 0.00-10.00 sec 13.0 MBytes 1336 KBytes/sec receiver
iperf Done.
------------------- End of test -------------------
Seems like I am getting the exact same result here, about 10 Mbit/s only...
When I run the test I have to be connected with PuTTY to the remote client and
this passes through the VPN tunnel.
I hope that is not disturbing the measurements.
I assume that there is no encryption involved with the transfers here?
The VPN connection is set up to only pass LAN-LAN traffic through the tunnel,
while Internet traffic uses the respective router as gateway to the Internet.
I also tested the Internet speed using Ookla speedtest:
Remote site:
Speedtest by Ookla
Server: RETN - Stockholm (id = 32926)
ISP: Bahnhof AB
Latency: 2.56 ms (0.07 ms jitter)
Download: 248.73 Mbps (data used: 112.6 MB )
Upload: 57.17 Mbps (data used: 70.9 MB ) <== Suspiciously slow
Packet Loss: 2.7%
Home site:
Speedtest by Ookla
Server: Bahnhof AB - Stockholm (id = 34024)
ISP: Bahnhof AB
Latency: 1.48 ms (0.90 ms jitter)
Download: 242.70 Mbps (data used: 192.2 MB)
Upload: 248.81 Mbps (data used: 368.8 MB)
Packet Loss: 0.0%
More investigation needed...
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
